Contract
0xe37d4F73ef1C85dEf2174A394f17Ac65DD3cBB81
7
Contract Overview
Balance:
0 ETH
My Name Tag:
Not Available
Latest 16 internal transactions
[ Download CSV Export ]
Contract Source Code Verified (Exact Match)
Contract Name:
TokenFacet
Compiler Version
v0.8.17+commit.8df45f5f
Contract Source Code (Solidity Standard Json-Input format)
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.7.0) (access/Ownable.sol)
pragma solidity ^0.8.0;
import "../utils/ContextUpgradeable.sol";
import "../proxy/utils/Initializable.sol";
/**
* @dev Contract module which provides a basic access control mechanism, where
* there is an account (an owner) that can be granted exclusive access to
* specific functions.
*
* By default, the owner account will be the one that deploys the contract. This
* can later be changed with {transferOwnership}.
*
* This module is used through inheritance. It will make available the modifier
* `onlyOwner`, which can be applied to your functions to restrict their use to
* the owner.
*/
abstract contract OwnableUpgradeable is Initializable, ContextUpgradeable {
address private _owner;
event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
/**
* @dev Initializes the contract setting the deployer as the initial owner.
*/
function __Ownable_init() internal onlyInitializing {
__Ownable_init_unchained();
}
function __Ownable_init_unchained() internal onlyInitializing {
_transferOwnership(_msgSender());
}
/**
* @dev Throws if called by any account other than the owner.
*/
modifier onlyOwner() {
_checkOwner();
_;
}
/**
* @dev Returns the address of the current owner.
*/
function owner() public view virtual returns (address) {
return _owner;
}
/**
* @dev Throws if the sender is not the owner.
*/
function _checkOwner() internal view virtual {
require(owner() == _msgSender(), "Ownable: caller is not the owner");
}
/**
* @dev Leaves the contract without owner. It will not be possible to call
* `onlyOwner` functions anymore. Can only be called by the current owner.
*
* NOTE: Renouncing ownership will leave the contract without an owner,
* thereby removing any functionality that is only available to the owner.
*/
function renounceOwnership() public virtual onlyOwner {
_transferOwnership(address(0));
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Can only be called by the current owner.
*/
function transferOwnership(address newOwner) public virtual onlyOwner {
require(newOwner != address(0), "Ownable: new owner is the zero address");
_transferOwnership(newOwner);
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Internal function without access restriction.
*/
function _transferOwnership(address newOwner) internal virtual {
address oldOwner = _owner;
_owner = newOwner;
emit OwnershipTransferred(oldOwner, newOwner);
}
/**
* @dev This empty reserved space is put in place to allow future versions to add new
* variables without shifting down storage in the inheritance chain.
* See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps
*/
uint256[49] private __gap;
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (proxy/utils/Initializable.sol)
pragma solidity ^0.8.2;
import "../../utils/AddressUpgradeable.sol";
/**
* @dev This is a base contract to aid in writing upgradeable contracts, or any kind of contract that will be deployed
* behind a proxy. Since proxied contracts do not make use of a constructor, it's common to move constructor logic to an
* external initializer function, usually called `initialize`. It then becomes necessary to protect this initializer
* function so it can only be called once. The {initializer} modifier provided by this contract will have this effect.
*
* The initialization functions use a version number. Once a version number is used, it is consumed and cannot be
* reused. This mechanism prevents re-execution of each "step" but allows the creation of new initialization steps in
* case an upgrade adds a module that needs to be initialized.
*
* For example:
*
* [.hljs-theme-light.nopadding]
* ```
* contract MyToken is ERC20Upgradeable {
* function initialize() initializer public {
* __ERC20_init("MyToken", "MTK");
* }
* }
* contract MyTokenV2 is MyToken, ERC20PermitUpgradeable {
* function initializeV2() reinitializer(2) public {
* __ERC20Permit_init("MyToken");
* }
* }
* ```
*
* TIP: To avoid leaving the proxy in an uninitialized state, the initializer function should be called as early as
* possible by providing the encoded function call as the `_data` argument to {ERC1967Proxy-constructor}.
*
* CAUTION: When used with inheritance, manual care must be taken to not invoke a parent initializer twice, or to ensure
* that all initializers are idempotent. This is not verified automatically as constructors are by Solidity.
*
* [CAUTION]
* ====
* Avoid leaving a contract uninitialized.
*
* An uninitialized contract can be taken over by an attacker. This applies to both a proxy and its implementation
* contract, which may impact the proxy. To prevent the implementation contract from being used, you should invoke
* the {_disableInitializers} function in the constructor to automatically lock it when it is deployed:
*
* [.hljs-theme-light.nopadding]
* ```
* /// @custom:oz-upgrades-unsafe-allow constructor
* constructor() {
* _disableInitializers();
* }
* ```
* ====
*/
abstract contract Initializable {
/**
* @dev Indicates that the contract has been initialized.
* @custom:oz-retyped-from bool
*/
uint8 private _initialized;
/**
* @dev Indicates that the contract is in the process of being initialized.
*/
bool private _initializing;
/**
* @dev Triggered when the contract has been initialized or reinitialized.
*/
event Initialized(uint8 version);
/**
* @dev A modifier that defines a protected initializer function that can be invoked at most once. In its scope,
* `onlyInitializing` functions can be used to initialize parent contracts.
*
* Similar to `reinitializer(1)`, except that functions marked with `initializer` can be nested in the context of a
* constructor.
*
* Emits an {Initialized} event.
*/
modifier initializer() {
bool isTopLevelCall = !_initializing;
require(
(isTopLevelCall && _initialized < 1) || (!AddressUpgradeable.isContract(address(this)) && _initialized == 1),
"Initializable: contract is already initialized"
);
_initialized = 1;
if (isTopLevelCall) {
_initializing = true;
}
_;
if (isTopLevelCall) {
_initializing = false;
emit Initialized(1);
}
}
/**
* @dev A modifier that defines a protected reinitializer function that can be invoked at most once, and only if the
* contract hasn't been initialized to a greater version before. In its scope, `onlyInitializing` functions can be
* used to initialize parent contracts.
*
* A reinitializer may be used after the original initialization step. This is essential to configure modules that
* are added through upgrades and that require initialization.
*
* When `version` is 1, this modifier is similar to `initializer`, except that functions marked with `reinitializer`
* cannot be nested. If one is invoked in the context of another, execution will revert.
*
* Note that versions can jump in increments greater than 1; this implies that if multiple reinitializers coexist in
* a contract, executing them in the right order is up to the developer or operator.
*
* WARNING: setting the version to 255 will prevent any future reinitialization.
*
* Emits an {Initialized} event.
*/
modifier reinitializer(uint8 version) {
require(!_initializing && _initialized < version, "Initializable: contract is already initialized");
_initialized = version;
_initializing = true;
_;
_initializing = false;
emit Initialized(version);
}
/**
* @dev Modifier to protect an initialization function so that it can only be invoked by functions with the
* {initializer} and {reinitializer} modifiers, directly or indirectly.
*/
modifier onlyInitializing() {
require(_initializing, "Initializable: contract is not initializing");
_;
}
/**
* @dev Locks the contract, preventing any future reinitialization. This cannot be part of an initializer call.
* Calling this in the constructor of a contract will prevent that contract from being initialized or reinitialized
* to any version. It is recommended to use this to lock implementation contracts that are designed to be called
* through proxies.
*
* Emits an {Initialized} event the first time it is successfully executed.
*/
function _disableInitializers() internal virtual {
require(!_initializing, "Initializable: contract is initializing");
if (_initialized < type(uint8).max) {
_initialized = type(uint8).max;
emit Initialized(type(uint8).max);
}
}
/**
* @dev Internal function that returns the initialized version. Returns `_initialized`
*/
function _getInitializedVersion() internal view returns (uint8) {
return _initialized;
}
/**
* @dev Internal function that returns the initialized version. Returns `_initializing`
*/
function _isInitializing() internal view returns (bool) {
return _initializing;
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (token/ERC20/ERC20.sol)
pragma solidity ^0.8.0;
import "./IERC20Upgradeable.sol";
import "./extensions/IERC20MetadataUpgradeable.sol";
import "../../utils/ContextUpgradeable.sol";
import "../../proxy/utils/Initializable.sol";
/**
* @dev Implementation of the {IERC20} interface.
*
* This implementation is agnostic to the way tokens are created. This means
* that a supply mechanism has to be added in a derived contract using {_mint}.
* For a generic mechanism see {ERC20PresetMinterPauser}.
*
* TIP: For a detailed writeup see our guide
* https://forum.openzeppelin.com/t/how-to-implement-erc20-supply-mechanisms/226[How
* to implement supply mechanisms].
*
* We have followed general OpenZeppelin Contracts guidelines: functions revert
* instead returning `false` on failure. This behavior is nonetheless
* conventional and does not conflict with the expectations of ERC20
* applications.
*
* Additionally, an {Approval} event is emitted on calls to {transferFrom}.
* This allows applications to reconstruct the allowance for all accounts just
* by listening to said events. Other implementations of the EIP may not emit
* these events, as it isn't required by the specification.
*
* Finally, the non-standard {decreaseAllowance} and {increaseAllowance}
* functions have been added to mitigate the well-known issues around setting
* allowances. See {IERC20-approve}.
*/
contract ERC20Upgradeable is Initializable, ContextUpgradeable, IERC20Upgradeable, IERC20MetadataUpgradeable {
mapping(address => uint256) private _balances;
mapping(address => mapping(address => uint256)) private _allowances;
uint256 private _totalSupply;
string private _name;
string private _symbol;
/**
* @dev Sets the values for {name} and {symbol}.
*
* The default value of {decimals} is 18. To select a different value for
* {decimals} you should overload it.
*
* All two of these values are immutable: they can only be set once during
* construction.
*/
function __ERC20_init(string memory name_, string memory symbol_) internal onlyInitializing {
__ERC20_init_unchained(name_, symbol_);
}
function __ERC20_init_unchained(string memory name_, string memory symbol_) internal onlyInitializing {
_name = name_;
_symbol = symbol_;
}
/**
* @dev Returns the name of the token.
*/
function name() public view virtual override returns (string memory) {
return _name;
}
/**
* @dev Returns the symbol of the token, usually a shorter version of the
* name.
*/
function symbol() public view virtual override returns (string memory) {
return _symbol;
}
/**
* @dev Returns the number of decimals used to get its user representation.
* For example, if `decimals` equals `2`, a balance of `505` tokens should
* be displayed to a user as `5.05` (`505 / 10 ** 2`).
*
* Tokens usually opt for a value of 18, imitating the relationship between
* Ether and Wei. This is the value {ERC20} uses, unless this function is
* overridden;
*
* NOTE: This information is only used for _display_ purposes: it in
* no way affects any of the arithmetic of the contract, including
* {IERC20-balanceOf} and {IERC20-transfer}.
*/
function decimals() public view virtual override returns (uint8) {
return 18;
}
/**
* @dev See {IERC20-totalSupply}.
*/
function totalSupply() public view virtual override returns (uint256) {
return _totalSupply;
}
/**
* @dev See {IERC20-balanceOf}.
*/
function balanceOf(address account) public view virtual override returns (uint256) {
return _balances[account];
}
/**
* @dev See {IERC20-transfer}.
*
* Requirements:
*
* - `to` cannot be the zero address.
* - the caller must have a balance of at least `amount`.
*/
function transfer(address to, uint256 amount) public virtual override returns (bool) {
address owner = _msgSender();
_transfer(owner, to, amount);
return true;
}
/**
* @dev See {IERC20-allowance}.
*/
function allowance(address owner, address spender) public view virtual override returns (uint256) {
return _allowances[owner][spender];
}
/**
* @dev See {IERC20-approve}.
*
* NOTE: If `amount` is the maximum `uint256`, the allowance is not updated on
* `transferFrom`. This is semantically equivalent to an infinite approval.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/
function approve(address spender, uint256 amount) public virtual override returns (bool) {
address owner = _msgSender();
_approve(owner, spender, amount);
return true;
}
/**
* @dev See {IERC20-transferFrom}.
*
* Emits an {Approval} event indicating the updated allowance. This is not
* required by the EIP. See the note at the beginning of {ERC20}.
*
* NOTE: Does not update the allowance if the current allowance
* is the maximum `uint256`.
*
* Requirements:
*
* - `from` and `to` cannot be the zero address.
* - `from` must have a balance of at least `amount`.
* - the caller must have allowance for ``from``'s tokens of at least
* `amount`.
*/
function transferFrom(
address from,
address to,
uint256 amount
) public virtual override returns (bool) {
address spender = _msgSender();
_spendAllowance(from, spender, amount);
_transfer(from, to, amount);
return true;
}
/**
* @dev Atomically increases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/
function increaseAllowance(address spender, uint256 addedValue) public virtual returns (bool) {
address owner = _msgSender();
_approve(owner, spender, allowance(owner, spender) + addedValue);
return true;
}
/**
* @dev Atomically decreases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `spender` cannot be the zero address.
* - `spender` must have allowance for the caller of at least
* `subtractedValue`.
*/
function decreaseAllowance(address spender, uint256 subtractedValue) public virtual returns (bool) {
address owner = _msgSender();
uint256 currentAllowance = allowance(owner, spender);
require(currentAllowance >= subtractedValue, "ERC20: decreased allowance below zero");
unchecked {
_approve(owner, spender, currentAllowance - subtractedValue);
}
return true;
}
/**
* @dev Moves `amount` of tokens from `from` to `to`.
*
* This internal function is equivalent to {transfer}, and can be used to
* e.g. implement automatic token fees, slashing mechanisms, etc.
*
* Emits a {Transfer} event.
*
* Requirements:
*
* - `from` cannot be the zero address.
* - `to` cannot be the zero address.
* - `from` must have a balance of at least `amount`.
*/
function _transfer(
address from,
address to,
uint256 amount
) internal virtual {
require(from != address(0), "ERC20: transfer from the zero address");
require(to != address(0), "ERC20: transfer to the zero address");
_beforeTokenTransfer(from, to, amount);
uint256 fromBalance = _balances[from];
require(fromBalance >= amount, "ERC20: transfer amount exceeds balance");
unchecked {
_balances[from] = fromBalance - amount;
// Overflow not possible: the sum of all balances is capped by totalSupply, and the sum is preserved by
// decrementing then incrementing.
_balances[to] += amount;
}
emit Transfer(from, to, amount);
_afterTokenTransfer(from, to, amount);
}
/** @dev Creates `amount` tokens and assigns them to `account`, increasing
* the total supply.
*
* Emits a {Transfer} event with `from` set to the zero address.
*
* Requirements:
*
* - `account` cannot be the zero address.
*/
function _mint(address account, uint256 amount) internal virtual {
require(account != address(0), "ERC20: mint to the zero address");
_beforeTokenTransfer(address(0), account, amount);
_totalSupply += amount;
unchecked {
// Overflow not possible: balance + amount is at most totalSupply + amount, which is checked above.
_balances[account] += amount;
}
emit Transfer(address(0), account, amount);
_afterTokenTransfer(address(0), account, amount);
}
/**
* @dev Destroys `amount` tokens from `account`, reducing the
* total supply.
*
* Emits a {Transfer} event with `to` set to the zero address.
*
* Requirements:
*
* - `account` cannot be the zero address.
* - `account` must have at least `amount` tokens.
*/
function _burn(address account, uint256 amount) internal virtual {
require(account != address(0), "ERC20: burn from the zero address");
_beforeTokenTransfer(account, address(0), amount);
uint256 accountBalance = _balances[account];
require(accountBalance >= amount, "ERC20: burn amount exceeds balance");
unchecked {
_balances[account] = accountBalance - amount;
// Overflow not possible: amount <= accountBalance <= totalSupply.
_totalSupply -= amount;
}
emit Transfer(account, address(0), amount);
_afterTokenTransfer(account, address(0), amount);
}
/**
* @dev Sets `amount` as the allowance of `spender` over the `owner` s tokens.
*
* This internal function is equivalent to `approve`, and can be used to
* e.g. set automatic allowances for certain subsystems, etc.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `owner` cannot be the zero address.
* - `spender` cannot be the zero address.
*/
function _approve(
address owner,
address spender,
uint256 amount
) internal virtual {
require(owner != address(0), "ERC20: approve from the zero address");
require(spender != address(0), "ERC20: approve to the zero address");
_allowances[owner][spender] = amount;
emit Approval(owner, spender, amount);
}
/**
* @dev Updates `owner` s allowance for `spender` based on spent `amount`.
*
* Does not update the allowance amount in case of infinite allowance.
* Revert if not enough allowance is available.
*
* Might emit an {Approval} event.
*/
function _spendAllowance(
address owner,
address spender,
uint256 amount
) internal virtual {
uint256 currentAllowance = allowance(owner, spender);
if (currentAllowance != type(uint256).max) {
require(currentAllowance >= amount, "ERC20: insufficient allowance");
unchecked {
_approve(owner, spender, currentAllowance - amount);
}
}
}
/**
* @dev Hook that is called before any transfer of tokens. This includes
* minting and burning.
*
* Calling conditions:
*
* - when `from` and `to` are both non-zero, `amount` of ``from``'s tokens
* will be transferred to `to`.
* - when `from` is zero, `amount` tokens will be minted for `to`.
* - when `to` is zero, `amount` of ``from``'s tokens will be burned.
* - `from` and `to` are never both zero.
*
* To learn more about hooks, head to xref:ROOT:extending-contracts.adoc#using-hooks[Using Hooks].
*/
function _beforeTokenTransfer(
address from,
address to,
uint256 amount
) internal virtual {}
/**
* @dev Hook that is called after any transfer of tokens. This includes
* minting and burning.
*
* Calling conditions:
*
* - when `from` and `to` are both non-zero, `amount` of ``from``'s tokens
* has been transferred to `to`.
* - when `from` is zero, `amount` tokens have been minted for `to`.
* - when `to` is zero, `amount` of ``from``'s tokens have been burned.
* - `from` and `to` are never both zero.
*
* To learn more about hooks, head to xref:ROOT:extending-contracts.adoc#using-hooks[Using Hooks].
*/
function _afterTokenTransfer(
address from,
address to,
uint256 amount
) internal virtual {}
/**
* @dev This empty reserved space is put in place to allow future versions to add new
* variables without shifting down storage in the inheritance chain.
* See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps
*/
uint256[45] private __gap;
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.6.0) (token/ERC20/IERC20.sol)
pragma solidity ^0.8.0;
/**
* @dev Interface of the ERC20 standard as defined in the EIP.
*/
interface IERC20Upgradeable {
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
/**
* @dev Returns the amount of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the amount of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves `amount` tokens from the caller's account to `to`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transfer(address to, uint256 amount) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets `amount` as the allowance of `spender` over the caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/
function approve(address spender, uint256 amount) external returns (bool);
/**
* @dev Moves `amount` tokens from `from` to `to` using the
* allowance mechanism. `amount` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transferFrom(
address from,
address to,
uint256 amount
) external returns (bool);
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.5.0) (token/ERC20/extensions/ERC20Burnable.sol)
pragma solidity ^0.8.0;
import "../ERC20Upgradeable.sol";
import "../../../utils/ContextUpgradeable.sol";
import "../../../proxy/utils/Initializable.sol";
/**
* @dev Extension of {ERC20} that allows token holders to destroy both their own
* tokens and those that they have an allowance for, in a way that can be
* recognized off-chain (via event analysis).
*/
abstract contract ERC20BurnableUpgradeable is Initializable, ContextUpgradeable, ERC20Upgradeable {
function __ERC20Burnable_init() internal onlyInitializing {
}
function __ERC20Burnable_init_unchained() internal onlyInitializing {
}
/**
* @dev Destroys `amount` tokens from the caller.
*
* See {ERC20-_burn}.
*/
function burn(uint256 amount) public virtual {
_burn(_msgSender(), amount);
}
/**
* @dev Destroys `amount` tokens from `account`, deducting from the caller's
* allowance.
*
* See {ERC20-_burn} and {ERC20-allowance}.
*
* Requirements:
*
* - the caller must have allowance for ``accounts``'s tokens of at least
* `amount`.
*/
function burnFrom(address account, uint256 amount) public virtual {
_spendAllowance(account, _msgSender(), amount);
_burn(account, amount);
}
/**
* @dev This empty reserved space is put in place to allow future versions to add new
* variables without shifting down storage in the inheritance chain.
* See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps
*/
uint256[50] private __gap;
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (token/ERC20/extensions/IERC20Metadata.sol)
pragma solidity ^0.8.0;
import "../IERC20Upgradeable.sol";
/**
* @dev Interface for the optional metadata functions from the ERC20 standard.
*
* _Available since v4.1._
*/
interface IERC20MetadataUpgradeable is IERC20Upgradeable {
/**
* @dev Returns the name of the token.
*/
function name() external view returns (string memory);
/**
* @dev Returns the symbol of the token.
*/
function symbol() external view returns (string memory);
/**
* @dev Returns the decimals places of the token.
*/
function decimals() external view returns (uint8);
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (utils/Address.sol)
pragma solidity ^0.8.1;
/**
* @dev Collection of functions related to the address type
*/
library AddressUpgradeable {
/**
* @dev Returns true if `account` is a contract.
*
* [IMPORTANT]
* ====
* It is unsafe to assume that an address for which this function returns
* false is an externally-owned account (EOA) and not a contract.
*
* Among others, `isContract` will return false for the following
* types of addresses:
*
* - an externally-owned account
* - a contract in construction
* - an address where a contract will be created
* - an address where a contract lived, but was destroyed
* ====
*
* [IMPORTANT]
* ====
* You shouldn't rely on `isContract` to protect against flash loan attacks!
*
* Preventing calls from contracts is highly discouraged. It breaks composability, breaks support for smart wallets
* like Gnosis Safe, and does not provide security since it can be circumvented by calling from a contract
* constructor.
* ====
*/
function isContract(address account) internal view returns (bool) {
// This method relies on extcodesize/address.code.length, which returns 0
// for contracts in construction, since the code is only stored at the end
// of the constructor execution.
return account.code.length > 0;
}
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://diligence.consensys.net/posts/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.5.11/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/
function sendValue(address payable recipient, uint256 amount) internal {
require(address(this).balance >= amount, "Address: insufficient balance");
(bool success, ) = recipient.call{value: amount}("");
require(success, "Address: unable to send value, recipient may have reverted");
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain `call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason, it is bubbled up by this
* function (like regular Solidity function calls).
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - `target` must be a contract.
* - calling `target` with `data` must not revert.
*
* _Available since v3.1._
*/
function functionCall(address target, bytes memory data) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, "Address: low-level call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with
* `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but also transferring `value` wei to `target`.
*
* Requirements:
*
* - the calling contract must have an ETH balance of at least `value`.
* - the called Solidity function must be `payable`.
*
* _Available since v3.1._
*/
function functionCallWithValue(
address target,
bytes memory data,
uint256 value
) internal returns (bytes memory) {
return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
}
/**
* @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but
* with `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCallWithValue(
address target,
bytes memory data,
uint256 value,
string memory errorMessage
) internal returns (bytes memory) {
require(address(this).balance >= value, "Address: insufficient balance for call");
(bool success, bytes memory returndata) = target.call{value: value}(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
return functionStaticCall(target, data, "Address: low-level static call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(
address target,
bytes memory data,
string memory errorMessage
) internal view returns (bytes memory) {
(bool success, bytes memory returndata) = target.staticcall(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Tool to verify that a low level call to smart-contract was successful, and revert (either by bubbling
* the revert reason or using the provided one) in case of unsuccessful call or if target was not a contract.
*
* _Available since v4.8._
*/
function verifyCallResultFromTarget(
address target,
bool success,
bytes memory returndata,
string memory errorMessage
) internal view returns (bytes memory) {
if (success) {
if (returndata.length == 0) {
// only check isContract if the call was successful and the return data is empty
// otherwise we already know that it was a contract
require(isContract(target), "Address: call to non-contract");
}
return returndata;
} else {
_revert(returndata, errorMessage);
}
}
/**
* @dev Tool to verify that a low level call was successful, and revert if it wasn't, either by bubbling the
* revert reason or using the provided one.
*
* _Available since v4.3._
*/
function verifyCallResult(
bool success,
bytes memory returndata,
string memory errorMessage
) internal pure returns (bytes memory) {
if (success) {
return returndata;
} else {
_revert(returndata, errorMessage);
}
}
function _revert(bytes memory returndata, string memory errorMessage) private pure {
// Look for revert reason and bubble it up if present
if (returndata.length > 0) {
// The easiest way to bubble the revert reason is using memory via assembly
/// @solidity memory-safe-assembly
assembly {
let returndata_size := mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert(errorMessage);
}
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (utils/Context.sol)
pragma solidity ^0.8.0;
import "../proxy/utils/Initializable.sol";
/**
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/
abstract contract ContextUpgradeable is Initializable {
function __Context_init() internal onlyInitializing {
}
function __Context_init_unchained() internal onlyInitializing {
}
function _msgSender() internal view virtual returns (address) {
return msg.sender;
}
function _msgData() internal view virtual returns (bytes calldata) {
return msg.data;
}
/**
* @dev This empty reserved space is put in place to allow future versions to add new
* variables without shifting down storage in the inheritance chain.
* See https://docs.openzeppelin.com/contracts/4.x/upgradeable#storage_gaps
*/
uint256[50] private __gap;
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.7.0) (access/Ownable.sol)
pragma solidity ^0.8.0;
import "../utils/Context.sol";
/**
* @dev Contract module which provides a basic access control mechanism, where
* there is an account (an owner) that can be granted exclusive access to
* specific functions.
*
* By default, the owner account will be the one that deploys the contract. This
* can later be changed with {transferOwnership}.
*
* This module is used through inheritance. It will make available the modifier
* `onlyOwner`, which can be applied to your functions to restrict their use to
* the owner.
*/
abstract contract Ownable is Context {
address private _owner;
event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
/**
* @dev Initializes the contract setting the deployer as the initial owner.
*/
constructor() {
_transferOwnership(_msgSender());
}
/**
* @dev Throws if called by any account other than the owner.
*/
modifier onlyOwner() {
_checkOwner();
_;
}
/**
* @dev Returns the address of the current owner.
*/
function owner() public view virtual returns (address) {
return _owner;
}
/**
* @dev Throws if the sender is not the owner.
*/
function _checkOwner() internal view virtual {
require(owner() == _msgSender(), "Ownable: caller is not the owner");
}
/**
* @dev Leaves the contract without owner. It will not be possible to call
* `onlyOwner` functions anymore. Can only be called by the current owner.
*
* NOTE: Renouncing ownership will leave the contract without an owner,
* thereby removing any functionality that is only available to the owner.
*/
function renounceOwnership() public virtual onlyOwner {
_transferOwnership(address(0));
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Can only be called by the current owner.
*/
function transferOwnership(address newOwner) public virtual onlyOwner {
require(newOwner != address(0), "Ownable: new owner is the zero address");
_transferOwnership(newOwner);
}
/**
* @dev Transfers ownership of the contract to a new account (`newOwner`).
* Internal function without access restriction.
*/
function _transferOwnership(address newOwner) internal virtual {
address oldOwner = _owner;
_owner = newOwner;
emit OwnershipTransferred(oldOwner, newOwner);
}
}// SPDX-License-Identifier: MIT // OpenZeppelin Contracts v4.4.1 (interfaces/IERC20Metadata.sol) pragma solidity ^0.8.0; import "../token/ERC20/extensions/IERC20Metadata.sol";
// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.6.0) (token/ERC20/IERC20.sol)
pragma solidity ^0.8.0;
/**
* @dev Interface of the ERC20 standard as defined in the EIP.
*/
interface IERC20 {
/**
* @dev Emitted when `value` tokens are moved from one account (`from`) to
* another (`to`).
*
* Note that `value` may be zero.
*/
event Transfer(address indexed from, address indexed to, uint256 value);
/**
* @dev Emitted when the allowance of a `spender` for an `owner` is set by
* a call to {approve}. `value` is the new allowance.
*/
event Approval(address indexed owner, address indexed spender, uint256 value);
/**
* @dev Returns the amount of tokens in existence.
*/
function totalSupply() external view returns (uint256);
/**
* @dev Returns the amount of tokens owned by `account`.
*/
function balanceOf(address account) external view returns (uint256);
/**
* @dev Moves `amount` tokens from the caller's account to `to`.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transfer(address to, uint256 amount) external returns (bool);
/**
* @dev Returns the remaining number of tokens that `spender` will be
* allowed to spend on behalf of `owner` through {transferFrom}. This is
* zero by default.
*
* This value changes when {approve} or {transferFrom} are called.
*/
function allowance(address owner, address spender) external view returns (uint256);
/**
* @dev Sets `amount` as the allowance of `spender` over the caller's tokens.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* IMPORTANT: Beware that changing an allowance with this method brings the risk
* that someone may use both the old and the new allowance by unfortunate
* transaction ordering. One possible solution to mitigate this race
* condition is to first reduce the spender's allowance to 0 and set the
* desired value afterwards:
* https://github.com/ethereum/EIPs/issues/20#issuecomment-263524729
*
* Emits an {Approval} event.
*/
function approve(address spender, uint256 amount) external returns (bool);
/**
* @dev Moves `amount` tokens from `from` to `to` using the
* allowance mechanism. `amount` is then deducted from the caller's
* allowance.
*
* Returns a boolean value indicating whether the operation succeeded.
*
* Emits a {Transfer} event.
*/
function transferFrom(
address from,
address to,
uint256 amount
) external returns (bool);
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (token/ERC20/extensions/IERC20Metadata.sol)
pragma solidity ^0.8.0;
import "../IERC20.sol";
/**
* @dev Interface for the optional metadata functions from the ERC20 standard.
*
* _Available since v4.1._
*/
interface IERC20Metadata is IERC20 {
/**
* @dev Returns the name of the token.
*/
function name() external view returns (string memory);
/**
* @dev Returns the symbol of the token.
*/
function symbol() external view returns (string memory);
/**
* @dev Returns the decimals places of the token.
*/
function decimals() external view returns (uint8);
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (token/ERC20/extensions/draft-IERC20Permit.sol)
pragma solidity ^0.8.0;
/**
* @dev Interface of the ERC20 Permit extension allowing approvals to be made via signatures, as defined in
* https://eips.ethereum.org/EIPS/eip-2612[EIP-2612].
*
* Adds the {permit} method, which can be used to change an account's ERC20 allowance (see {IERC20-allowance}) by
* presenting a message signed by the account. By not relying on {IERC20-approve}, the token holder account doesn't
* need to send a transaction, and thus is not required to hold Ether at all.
*/
interface IERC20Permit {
/**
* @dev Sets `value` as the allowance of `spender` over ``owner``'s tokens,
* given ``owner``'s signed approval.
*
* IMPORTANT: The same issues {IERC20-approve} has related to transaction
* ordering also apply here.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `spender` cannot be the zero address.
* - `deadline` must be a timestamp in the future.
* - `v`, `r` and `s` must be a valid `secp256k1` signature from `owner`
* over the EIP712-formatted function arguments.
* - the signature must use ``owner``'s current nonce (see {nonces}).
*
* For more information on the signature format, see the
* https://eips.ethereum.org/EIPS/eip-2612#specification[relevant EIP
* section].
*/
function permit(
address owner,
address spender,
uint256 value,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) external;
/**
* @dev Returns the current nonce for `owner`. This value must be
* included whenever a signature is generated for {permit}.
*
* Every successful call to {permit} increases ``owner``'s nonce by one. This
* prevents a signature from being used multiple times.
*/
function nonces(address owner) external view returns (uint256);
/**
* @dev Returns the domain separator used in the encoding of the signature for {permit}, as defined by {EIP712}.
*/
// solhint-disable-next-line func-name-mixedcase
function DOMAIN_SEPARATOR() external view returns (bytes32);
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (token/ERC20/utils/SafeERC20.sol)
pragma solidity ^0.8.0;
import "../IERC20.sol";
import "../extensions/draft-IERC20Permit.sol";
import "../../../utils/Address.sol";
/**
* @title SafeERC20
* @dev Wrappers around ERC20 operations that throw on failure (when the token
* contract returns false). Tokens that return no value (and instead revert or
* throw on failure) are also supported, non-reverting calls are assumed to be
* successful.
* To use this library you can add a `using SafeERC20 for IERC20;` statement to your contract,
* which allows you to call the safe operations as `token.safeTransfer(...)`, etc.
*/
library SafeERC20 {
using Address for address;
function safeTransfer(
IERC20 token,
address to,
uint256 value
) internal {
_callOptionalReturn(token, abi.encodeWithSelector(token.transfer.selector, to, value));
}
function safeTransferFrom(
IERC20 token,
address from,
address to,
uint256 value
) internal {
_callOptionalReturn(token, abi.encodeWithSelector(token.transferFrom.selector, from, to, value));
}
/**
* @dev Deprecated. This function has issues similar to the ones found in
* {IERC20-approve}, and its usage is discouraged.
*
* Whenever possible, use {safeIncreaseAllowance} and
* {safeDecreaseAllowance} instead.
*/
function safeApprove(
IERC20 token,
address spender,
uint256 value
) internal {
// safeApprove should only be called when setting an initial allowance,
// or when resetting it to zero. To increase and decrease it, use
// 'safeIncreaseAllowance' and 'safeDecreaseAllowance'
require(
(value == 0) || (token.allowance(address(this), spender) == 0),
"SafeERC20: approve from non-zero to non-zero allowance"
);
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, value));
}
function safeIncreaseAllowance(
IERC20 token,
address spender,
uint256 value
) internal {
uint256 newAllowance = token.allowance(address(this), spender) + value;
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance));
}
function safeDecreaseAllowance(
IERC20 token,
address spender,
uint256 value
) internal {
unchecked {
uint256 oldAllowance = token.allowance(address(this), spender);
require(oldAllowance >= value, "SafeERC20: decreased allowance below zero");
uint256 newAllowance = oldAllowance - value;
_callOptionalReturn(token, abi.encodeWithSelector(token.approve.selector, spender, newAllowance));
}
}
function safePermit(
IERC20Permit token,
address owner,
address spender,
uint256 value,
uint256 deadline,
uint8 v,
bytes32 r,
bytes32 s
) internal {
uint256 nonceBefore = token.nonces(owner);
token.permit(owner, spender, value, deadline, v, r, s);
uint256 nonceAfter = token.nonces(owner);
require(nonceAfter == nonceBefore + 1, "SafeERC20: permit did not succeed");
}
/**
* @dev Imitates a Solidity high-level call (i.e. a regular function call to a contract), relaxing the requirement
* on the return value: the return value is optional (but if data is returned, it must not be false).
* @param token The token targeted by the call.
* @param data The call data (encoded using abi.encode or one of its variants).
*/
function _callOptionalReturn(IERC20 token, bytes memory data) private {
// We need to perform a low level call here, to bypass Solidity's return data size checking mechanism, since
// we're implementing it ourselves. We use {Address-functionCall} to perform this call, which verifies that
// the target address contains contract code and also asserts for success in the low-level call.
bytes memory returndata = address(token).functionCall(data, "SafeERC20: low-level call failed");
if (returndata.length > 0) {
// Return data is optional
require(abi.decode(returndata, (bool)), "SafeERC20: ERC20 operation did not succeed");
}
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (utils/Address.sol)
pragma solidity ^0.8.1;
/**
* @dev Collection of functions related to the address type
*/
library Address {
/**
* @dev Returns true if `account` is a contract.
*
* [IMPORTANT]
* ====
* It is unsafe to assume that an address for which this function returns
* false is an externally-owned account (EOA) and not a contract.
*
* Among others, `isContract` will return false for the following
* types of addresses:
*
* - an externally-owned account
* - a contract in construction
* - an address where a contract will be created
* - an address where a contract lived, but was destroyed
* ====
*
* [IMPORTANT]
* ====
* You shouldn't rely on `isContract` to protect against flash loan attacks!
*
* Preventing calls from contracts is highly discouraged. It breaks composability, breaks support for smart wallets
* like Gnosis Safe, and does not provide security since it can be circumvented by calling from a contract
* constructor.
* ====
*/
function isContract(address account) internal view returns (bool) {
// This method relies on extcodesize/address.code.length, which returns 0
// for contracts in construction, since the code is only stored at the end
// of the constructor execution.
return account.code.length > 0;
}
/**
* @dev Replacement for Solidity's `transfer`: sends `amount` wei to
* `recipient`, forwarding all available gas and reverting on errors.
*
* https://eips.ethereum.org/EIPS/eip-1884[EIP1884] increases the gas cost
* of certain opcodes, possibly making contracts go over the 2300 gas limit
* imposed by `transfer`, making them unable to receive funds via
* `transfer`. {sendValue} removes this limitation.
*
* https://diligence.consensys.net/posts/2019/09/stop-using-soliditys-transfer-now/[Learn more].
*
* IMPORTANT: because control is transferred to `recipient`, care must be
* taken to not create reentrancy vulnerabilities. Consider using
* {ReentrancyGuard} or the
* https://solidity.readthedocs.io/en/v0.5.11/security-considerations.html#use-the-checks-effects-interactions-pattern[checks-effects-interactions pattern].
*/
function sendValue(address payable recipient, uint256 amount) internal {
require(address(this).balance >= amount, "Address: insufficient balance");
(bool success, ) = recipient.call{value: amount}("");
require(success, "Address: unable to send value, recipient may have reverted");
}
/**
* @dev Performs a Solidity function call using a low level `call`. A
* plain `call` is an unsafe replacement for a function call: use this
* function instead.
*
* If `target` reverts with a revert reason, it is bubbled up by this
* function (like regular Solidity function calls).
*
* Returns the raw returned data. To convert to the expected return value,
* use https://solidity.readthedocs.io/en/latest/units-and-global-variables.html?highlight=abi.decode#abi-encoding-and-decoding-functions[`abi.decode`].
*
* Requirements:
*
* - `target` must be a contract.
* - calling `target` with `data` must not revert.
*
* _Available since v3.1._
*/
function functionCall(address target, bytes memory data) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, "Address: low-level call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`], but with
* `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
return functionCallWithValue(target, data, 0, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but also transferring `value` wei to `target`.
*
* Requirements:
*
* - the calling contract must have an ETH balance of at least `value`.
* - the called Solidity function must be `payable`.
*
* _Available since v3.1._
*/
function functionCallWithValue(
address target,
bytes memory data,
uint256 value
) internal returns (bytes memory) {
return functionCallWithValue(target, data, value, "Address: low-level call with value failed");
}
/**
* @dev Same as {xref-Address-functionCallWithValue-address-bytes-uint256-}[`functionCallWithValue`], but
* with `errorMessage` as a fallback revert reason when `target` reverts.
*
* _Available since v3.1._
*/
function functionCallWithValue(
address target,
bytes memory data,
uint256 value,
string memory errorMessage
) internal returns (bytes memory) {
require(address(this).balance >= value, "Address: insufficient balance for call");
(bool success, bytes memory returndata) = target.call{value: value}(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(address target, bytes memory data) internal view returns (bytes memory) {
return functionStaticCall(target, data, "Address: low-level static call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a static call.
*
* _Available since v3.3._
*/
function functionStaticCall(
address target,
bytes memory data,
string memory errorMessage
) internal view returns (bytes memory) {
(bool success, bytes memory returndata) = target.staticcall(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(address target, bytes memory data) internal returns (bytes memory) {
return functionDelegateCall(target, data, "Address: low-level delegate call failed");
}
/**
* @dev Same as {xref-Address-functionCall-address-bytes-string-}[`functionCall`],
* but performing a delegate call.
*
* _Available since v3.4._
*/
function functionDelegateCall(
address target,
bytes memory data,
string memory errorMessage
) internal returns (bytes memory) {
(bool success, bytes memory returndata) = target.delegatecall(data);
return verifyCallResultFromTarget(target, success, returndata, errorMessage);
}
/**
* @dev Tool to verify that a low level call to smart-contract was successful, and revert (either by bubbling
* the revert reason or using the provided one) in case of unsuccessful call or if target was not a contract.
*
* _Available since v4.8._
*/
function verifyCallResultFromTarget(
address target,
bool success,
bytes memory returndata,
string memory errorMessage
) internal view returns (bytes memory) {
if (success) {
if (returndata.length == 0) {
// only check isContract if the call was successful and the return data is empty
// otherwise we already know that it was a contract
require(isContract(target), "Address: call to non-contract");
}
return returndata;
} else {
_revert(returndata, errorMessage);
}
}
/**
* @dev Tool to verify that a low level call was successful, and revert if it wasn't, either by bubbling the
* revert reason or using the provided one.
*
* _Available since v4.3._
*/
function verifyCallResult(
bool success,
bytes memory returndata,
string memory errorMessage
) internal pure returns (bytes memory) {
if (success) {
return returndata;
} else {
_revert(returndata, errorMessage);
}
}
function _revert(bytes memory returndata, string memory errorMessage) private pure {
// Look for revert reason and bubble it up if present
if (returndata.length > 0) {
// The easiest way to bubble the revert reason is using memory via assembly
/// @solidity memory-safe-assembly
assembly {
let returndata_size := mload(returndata)
revert(add(32, returndata), returndata_size)
}
} else {
revert(errorMessage);
}
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (utils/Context.sol)
pragma solidity ^0.8.0;
/**
* @dev Provides information about the current execution context, including the
* sender of the transaction and its data. While these are generally available
* via msg.sender and msg.data, they should not be accessed in such a direct
* manner, since when dealing with meta-transactions the account sending and
* paying for execution may not be the actual sender (as far as an application
* is concerned).
*
* This contract is only required for intermediate, library-like contracts.
*/
abstract contract Context {
function _msgSender() internal view virtual returns (address) {
return msg.sender;
}
function _msgData() internal view virtual returns (bytes calldata) {
return msg.data;
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts v4.4.1 (utils/Counters.sol)
pragma solidity ^0.8.0;
/**
* @title Counters
* @author Matt Condon (@shrugs)
* @dev Provides counters that can only be incremented, decremented or reset. This can be used e.g. to track the number
* of elements in a mapping, issuing ERC721 ids, or counting request ids.
*
* Include with `using Counters for Counters.Counter;`
*/
library Counters {
struct Counter {
// This variable should never be directly accessed by users of the library: interactions must be restricted to
// the library's function. As of Solidity v0.5.2, this cannot be enforced, though there is a proposal to add
// this feature: see https://github.com/ethereum/solidity/issues/4637
uint256 _value; // default: 0
}
function current(Counter storage counter) internal view returns (uint256) {
return counter._value;
}
function increment(Counter storage counter) internal {
unchecked {
counter._value += 1;
}
}
function decrement(Counter storage counter) internal {
uint256 value = counter._value;
require(value > 0, "Counter: decrement overflow");
unchecked {
counter._value = value - 1;
}
}
function reset(Counter storage counter) internal {
counter._value = 0;
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (utils/Strings.sol)
pragma solidity ^0.8.0;
import "./math/Math.sol";
/**
* @dev String operations.
*/
library Strings {
bytes16 private constant _SYMBOLS = "0123456789abcdef";
uint8 private constant _ADDRESS_LENGTH = 20;
/**
* @dev Converts a `uint256` to its ASCII `string` decimal representation.
*/
function toString(uint256 value) internal pure returns (string memory) {
unchecked {
uint256 length = Math.log10(value) + 1;
string memory buffer = new string(length);
uint256 ptr;
/// @solidity memory-safe-assembly
assembly {
ptr := add(buffer, add(32, length))
}
while (true) {
ptr--;
/// @solidity memory-safe-assembly
assembly {
mstore8(ptr, byte(mod(value, 10), _SYMBOLS))
}
value /= 10;
if (value == 0) break;
}
return buffer;
}
}
/**
* @dev Converts a `uint256` to its ASCII `string` hexadecimal representation.
*/
function toHexString(uint256 value) internal pure returns (string memory) {
unchecked {
return toHexString(value, Math.log256(value) + 1);
}
}
/**
* @dev Converts a `uint256` to its ASCII `string` hexadecimal representation with fixed length.
*/
function toHexString(uint256 value, uint256 length) internal pure returns (string memory) {
bytes memory buffer = new bytes(2 * length + 2);
buffer[0] = "0";
buffer[1] = "x";
for (uint256 i = 2 * length + 1; i > 1; --i) {
buffer[i] = _SYMBOLS[value & 0xf];
value >>= 4;
}
require(value == 0, "Strings: hex length insufficient");
return string(buffer);
}
/**
* @dev Converts an `address` with fixed length of 20 bytes to its not checksummed ASCII `string` hexadecimal representation.
*/
function toHexString(address addr) internal pure returns (string memory) {
return toHexString(uint256(uint160(addr)), _ADDRESS_LENGTH);
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (utils/cryptography/ECDSA.sol)
pragma solidity ^0.8.0;
import "../Strings.sol";
/**
* @dev Elliptic Curve Digital Signature Algorithm (ECDSA) operations.
*
* These functions can be used to verify that a message was signed by the holder
* of the private keys of a given address.
*/
library ECDSA {
enum RecoverError {
NoError,
InvalidSignature,
InvalidSignatureLength,
InvalidSignatureS,
InvalidSignatureV // Deprecated in v4.8
}
function _throwError(RecoverError error) private pure {
if (error == RecoverError.NoError) {
return; // no error: do nothing
} else if (error == RecoverError.InvalidSignature) {
revert("ECDSA: invalid signature");
} else if (error == RecoverError.InvalidSignatureLength) {
revert("ECDSA: invalid signature length");
} else if (error == RecoverError.InvalidSignatureS) {
revert("ECDSA: invalid signature 's' value");
}
}
/**
* @dev Returns the address that signed a hashed message (`hash`) with
* `signature` or error string. This address can then be used for verification purposes.
*
* The `ecrecover` EVM opcode allows for malleable (non-unique) signatures:
* this function rejects them by requiring the `s` value to be in the lower
* half order, and the `v` value to be either 27 or 28.
*
* IMPORTANT: `hash` _must_ be the result of a hash operation for the
* verification to be secure: it is possible to craft signatures that
* recover to arbitrary addresses for non-hashed data. A safe way to ensure
* this is by receiving a hash of the original message (which may otherwise
* be too long), and then calling {toEthSignedMessageHash} on it.
*
* Documentation for signature generation:
* - with https://web3js.readthedocs.io/en/v1.3.4/web3-eth-accounts.html#sign[Web3.js]
* - with https://docs.ethers.io/v5/api/signer/#Signer-signMessage[ethers]
*
* _Available since v4.3._
*/
function tryRecover(bytes32 hash, bytes memory signature) internal pure returns (address, RecoverError) {
if (signature.length == 65) {
bytes32 r;
bytes32 s;
uint8 v;
// ecrecover takes the signature parameters, and the only way to get them
// currently is to use assembly.
/// @solidity memory-safe-assembly
assembly {
r := mload(add(signature, 0x20))
s := mload(add(signature, 0x40))
v := byte(0, mload(add(signature, 0x60)))
}
return tryRecover(hash, v, r, s);
} else {
return (address(0), RecoverError.InvalidSignatureLength);
}
}
/**
* @dev Returns the address that signed a hashed message (`hash`) with
* `signature`. This address can then be used for verification purposes.
*
* The `ecrecover` EVM opcode allows for malleable (non-unique) signatures:
* this function rejects them by requiring the `s` value to be in the lower
* half order, and the `v` value to be either 27 or 28.
*
* IMPORTANT: `hash` _must_ be the result of a hash operation for the
* verification to be secure: it is possible to craft signatures that
* recover to arbitrary addresses for non-hashed data. A safe way to ensure
* this is by receiving a hash of the original message (which may otherwise
* be too long), and then calling {toEthSignedMessageHash} on it.
*/
function recover(bytes32 hash, bytes memory signature) internal pure returns (address) {
(address recovered, RecoverError error) = tryRecover(hash, signature);
_throwError(error);
return recovered;
}
/**
* @dev Overload of {ECDSA-tryRecover} that receives the `r` and `vs` short-signature fields separately.
*
* See https://eips.ethereum.org/EIPS/eip-2098[EIP-2098 short signatures]
*
* _Available since v4.3._
*/
function tryRecover(
bytes32 hash,
bytes32 r,
bytes32 vs
) internal pure returns (address, RecoverError) {
bytes32 s = vs & bytes32(0x7fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff);
uint8 v = uint8((uint256(vs) >> 255) + 27);
return tryRecover(hash, v, r, s);
}
/**
* @dev Overload of {ECDSA-recover} that receives the `r and `vs` short-signature fields separately.
*
* _Available since v4.2._
*/
function recover(
bytes32 hash,
bytes32 r,
bytes32 vs
) internal pure returns (address) {
(address recovered, RecoverError error) = tryRecover(hash, r, vs);
_throwError(error);
return recovered;
}
/**
* @dev Overload of {ECDSA-tryRecover} that receives the `v`,
* `r` and `s` signature fields separately.
*
* _Available since v4.3._
*/
function tryRecover(
bytes32 hash,
uint8 v,
bytes32 r,
bytes32 s
) internal pure returns (address, RecoverError) {
// EIP-2 still allows signature malleability for ecrecover(). Remove this possibility and make the signature
// unique. Appendix F in the Ethereum Yellow paper (https://ethereum.github.io/yellowpaper/paper.pdf), defines
// the valid range for s in (301): 0 < s < secp256k1n ÷ 2 + 1, and for v in (302): v ∈ {27, 28}. Most
// signatures from current libraries generate a unique signature with an s-value in the lower half order.
//
// If your library generates malleable signatures, such as s-values in the upper range, calculate a new s-value
// with 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141 - s1 and flip v from 27 to 28 or
// vice versa. If your library also generates signatures with 0/1 for v instead 27/28, add 27 to v to accept
// these malleable signatures as well.
if (uint256(s) > 0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0) {
return (address(0), RecoverError.InvalidSignatureS);
}
// If the signature is valid (and not malleable), return the signer address
address signer = ecrecover(hash, v, r, s);
if (signer == address(0)) {
return (address(0), RecoverError.InvalidSignature);
}
return (signer, RecoverError.NoError);
}
/**
* @dev Overload of {ECDSA-recover} that receives the `v`,
* `r` and `s` signature fields separately.
*/
function recover(
bytes32 hash,
uint8 v,
bytes32 r,
bytes32 s
) internal pure returns (address) {
(address recovered, RecoverError error) = tryRecover(hash, v, r, s);
_throwError(error);
return recovered;
}
/**
* @dev Returns an Ethereum Signed Message, created from a `hash`. This
* produces hash corresponding to the one signed with the
* https://eth.wiki/json-rpc/API#eth_sign[`eth_sign`]
* JSON-RPC method as part of EIP-191.
*
* See {recover}.
*/
function toEthSignedMessageHash(bytes32 hash) internal pure returns (bytes32) {
// 32 is the length in bytes of hash,
// enforced by the type signature above
return keccak256(abi.encodePacked("\x19Ethereum Signed Message:\n32", hash));
}
/**
* @dev Returns an Ethereum Signed Message, created from `s`. This
* produces hash corresponding to the one signed with the
* https://eth.wiki/json-rpc/API#eth_sign[`eth_sign`]
* JSON-RPC method as part of EIP-191.
*
* See {recover}.
*/
function toEthSignedMessageHash(bytes memory s) internal pure returns (bytes32) {
return keccak256(abi.encodePacked("\x19Ethereum Signed Message:\n", Strings.toString(s.length), s));
}
/**
* @dev Returns an Ethereum Signed Typed Data, created from a
* `domainSeparator` and a `structHash`. This produces hash corresponding
* to the one signed with the
* https://eips.ethereum.org/EIPS/eip-712[`eth_signTypedData`]
* JSON-RPC method as part of EIP-712.
*
* See {recover}.
*/
function toTypedDataHash(bytes32 domainSeparator, bytes32 structHash) internal pure returns (bytes32) {
return keccak256(abi.encodePacked("\x19\x01", domainSeparator, structHash));
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (utils/cryptography/EIP712.sol)
pragma solidity ^0.8.0;
import "./ECDSA.sol";
/**
* @dev https://eips.ethereum.org/EIPS/eip-712[EIP 712] is a standard for hashing and signing of typed structured data.
*
* The encoding specified in the EIP is very generic, and such a generic implementation in Solidity is not feasible,
* thus this contract does not implement the encoding itself. Protocols need to implement the type-specific encoding
* they need in their contracts using a combination of `abi.encode` and `keccak256`.
*
* This contract implements the EIP 712 domain separator ({_domainSeparatorV4}) that is used as part of the encoding
* scheme, and the final step of the encoding to obtain the message digest that is then signed via ECDSA
* ({_hashTypedDataV4}).
*
* The implementation of the domain separator was designed to be as efficient as possible while still properly updating
* the chain id to protect against replay attacks on an eventual fork of the chain.
*
* NOTE: This contract implements the version of the encoding known as "v4", as implemented by the JSON RPC method
* https://docs.metamask.io/guide/signing-data.html[`eth_signTypedDataV4` in MetaMask].
*
* _Available since v3.4._
*/
abstract contract EIP712 {
/* solhint-disable var-name-mixedcase */
// Cache the domain separator as an immutable value, but also store the chain id that it corresponds to, in order to
// invalidate the cached domain separator if the chain id changes.
bytes32 private immutable _CACHED_DOMAIN_SEPARATOR;
uint256 private immutable _CACHED_CHAIN_ID;
address private immutable _CACHED_THIS;
bytes32 private immutable _HASHED_NAME;
bytes32 private immutable _HASHED_VERSION;
bytes32 private immutable _TYPE_HASH;
/* solhint-enable var-name-mixedcase */
/**
* @dev Initializes the domain separator and parameter caches.
*
* The meaning of `name` and `version` is specified in
* https://eips.ethereum.org/EIPS/eip-712#definition-of-domainseparator[EIP 712]:
*
* - `name`: the user readable name of the signing domain, i.e. the name of the DApp or the protocol.
* - `version`: the current major version of the signing domain.
*
* NOTE: These parameters cannot be changed except through a xref:learn::upgrading-smart-contracts.adoc[smart
* contract upgrade].
*/
constructor(string memory name, string memory version) {
bytes32 hashedName = keccak256(bytes(name));
bytes32 hashedVersion = keccak256(bytes(version));
bytes32 typeHash = keccak256(
"EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)"
);
_HASHED_NAME = hashedName;
_HASHED_VERSION = hashedVersion;
_CACHED_CHAIN_ID = block.chainid;
_CACHED_DOMAIN_SEPARATOR = _buildDomainSeparator(typeHash, hashedName, hashedVersion);
_CACHED_THIS = address(this);
_TYPE_HASH = typeHash;
}
/**
* @dev Returns the domain separator for the current chain.
*/
function _domainSeparatorV4() internal view returns (bytes32) {
if (address(this) == _CACHED_THIS && block.chainid == _CACHED_CHAIN_ID) {
return _CACHED_DOMAIN_SEPARATOR;
} else {
return _buildDomainSeparator(_TYPE_HASH, _HASHED_NAME, _HASHED_VERSION);
}
}
function _buildDomainSeparator(
bytes32 typeHash,
bytes32 nameHash,
bytes32 versionHash
) private view returns (bytes32) {
return keccak256(abi.encode(typeHash, nameHash, versionHash, block.chainid, address(this)));
}
/**
* @dev Given an already https://eips.ethereum.org/EIPS/eip-712#definition-of-hashstruct[hashed struct], this
* function returns the hash of the fully encoded EIP712 message for this domain.
*
* This hash can be used together with {ECDSA-recover} to obtain the signer of a message. For example:
*
* ```solidity
* bytes32 digest = _hashTypedDataV4(keccak256(abi.encode(
* keccak256("Mail(address to,string contents)"),
* mailTo,
* keccak256(bytes(mailContents))
* )));
* address signer = ECDSA.recover(digest, signature);
* ```
*/
function _hashTypedDataV4(bytes32 structHash) internal view virtual returns (bytes32) {
return ECDSA.toTypedDataHash(_domainSeparatorV4(), structHash);
}
}// SPDX-License-Identifier: MIT
// OpenZeppelin Contracts (last updated v4.8.0) (utils/math/Math.sol)
pragma solidity ^0.8.0;
/**
* @dev Standard math utilities missing in the Solidity language.
*/
library Math {
enum Rounding {
Down, // Toward negative infinity
Up, // Toward infinity
Zero // Toward zero
}
/**
* @dev Returns the largest of two numbers.
*/
function max(uint256 a, uint256 b) internal pure returns (uint256) {
return a > b ? a : b;
}
/**
* @dev Returns the smallest of two numbers.
*/
function min(uint256 a, uint256 b) internal pure returns (uint256) {
return a < b ? a : b;
}
/**
* @dev Returns the average of two numbers. The result is rounded towards
* zero.
*/
function average(uint256 a, uint256 b) internal pure returns (uint256) {
// (a + b) / 2 can overflow.
return (a & b) + (a ^ b) / 2;
}
/**
* @dev Returns the ceiling of the division of two numbers.
*
* This differs from standard division with `/` in that it rounds up instead
* of rounding down.
*/
function ceilDiv(uint256 a, uint256 b) internal pure returns (uint256) {
// (a + b - 1) / b can overflow on addition, so we distribute.
return a == 0 ? 0 : (a - 1) / b + 1;
}
/**
* @notice Calculates floor(x * y / denominator) with full precision. Throws if result overflows a uint256 or denominator == 0
* @dev Original credit to Remco Bloemen under MIT license (https://xn--2-umb.com/21/muldiv)
* with further edits by Uniswap Labs also under MIT license.
*/
function mulDiv(
uint256 x,
uint256 y,
uint256 denominator
) internal pure returns (uint256 result) {
unchecked {
// 512-bit multiply [prod1 prod0] = x * y. Compute the product mod 2^256 and mod 2^256 - 1, then use
// use the Chinese Remainder Theorem to reconstruct the 512 bit result. The result is stored in two 256
// variables such that product = prod1 * 2^256 + prod0.
uint256 prod0; // Least significant 256 bits of the product
uint256 prod1; // Most significant 256 bits of the product
assembly {
let mm := mulmod(x, y, not(0))
prod0 := mul(x, y)
prod1 := sub(sub(mm, prod0), lt(mm, prod0))
}
// Handle non-overflow cases, 256 by 256 division.
if (prod1 == 0) {
return prod0 / denominator;
}
// Make sure the result is less than 2^256. Also prevents denominator == 0.
require(denominator > prod1);
///////////////////////////////////////////////
// 512 by 256 division.
///////////////////////////////////////////////
// Make division exact by subtracting the remainder from [prod1 prod0].
uint256 remainder;
assembly {
// Compute remainder using mulmod.
remainder := mulmod(x, y, denominator)
// Subtract 256 bit number from 512 bit number.
prod1 := sub(prod1, gt(remainder, prod0))
prod0 := sub(prod0, remainder)
}
// Factor powers of two out of denominator and compute largest power of two divisor of denominator. Always >= 1.
// See https://cs.stackexchange.com/q/138556/92363.
// Does not overflow because the denominator cannot be zero at this stage in the function.
uint256 twos = denominator & (~denominator + 1);
assembly {
// Divide denominator by twos.
denominator := div(denominator, twos)
// Divide [prod1 prod0] by twos.
prod0 := div(prod0, twos)
// Flip twos such that it is 2^256 / twos. If twos is zero, then it becomes one.
twos := add(div(sub(0, twos), twos), 1)
}
// Shift in bits from prod1 into prod0.
prod0 |= prod1 * twos;
// Invert denominator mod 2^256. Now that denominator is an odd number, it has an inverse modulo 2^256 such
// that denominator * inv = 1 mod 2^256. Compute the inverse by starting with a seed that is correct for
// four bits. That is, denominator * inv = 1 mod 2^4.
uint256 inverse = (3 * denominator) ^ 2;
// Use the Newton-Raphson iteration to improve the precision. Thanks to Hensel's lifting lemma, this also works
// in modular arithmetic, doubling the correct bits in each step.
inverse *= 2 - denominator * inverse; // inverse mod 2^8
inverse *= 2 - denominator * inverse; // inverse mod 2^16
inverse *= 2 - denominator * inverse; // inverse mod 2^32
inverse *= 2 - denominator * inverse; // inverse mod 2^64
inverse *= 2 - denominator * inverse; // inverse mod 2^128
inverse *= 2 - denominator * inverse; // inverse mod 2^256
// Because the division is now exact we can divide by multiplying with the modular inverse of denominator.
// This will give us the correct result modulo 2^256. Since the preconditions guarantee that the outcome is
// less than 2^256, this is the final result. We don't need to compute the high bits of the result and prod1
// is no longer required.
result = prod0 * inverse;
return result;
}
}
/**
* @notice Calculates x * y / denominator with full precision, following the selected rounding direction.
*/
function mulDiv(
uint256 x,
uint256 y,
uint256 denominator,
Rounding rounding
) internal pure returns (uint256) {
uint256 result = mulDiv(x, y, denominator);
if (rounding == Rounding.Up && mulmod(x, y, denominator) > 0) {
result += 1;
}
return result;
}
/**
* @dev Returns the square root of a number. If the number is not a perfect square, the value is rounded down.
*
* Inspired by Henry S. Warren, Jr.'s "Hacker's Delight" (Chapter 11).
*/
function sqrt(uint256 a) internal pure returns (uint256) {
if (a == 0) {
return 0;
}
// For our first guess, we get the biggest power of 2 which is smaller than the square root of the target.
//
// We know that the "msb" (most significant bit) of our target number `a` is a power of 2 such that we have
// `msb(a) <= a < 2*msb(a)`. This value can be written `msb(a)=2**k` with `k=log2(a)`.
//
// This can be rewritten `2**log2(a) <= a < 2**(log2(a) + 1)`
// → `sqrt(2**k) <= sqrt(a) < sqrt(2**(k+1))`
// → `2**(k/2) <= sqrt(a) < 2**((k+1)/2) <= 2**(k/2 + 1)`
//
// Consequently, `2**(log2(a) / 2)` is a good first approximation of `sqrt(a)` with at least 1 correct bit.
uint256 result = 1 << (log2(a) >> 1);
// At this point `result` is an estimation with one bit of precision. We know the true value is a uint128,
// since it is the square root of a uint256. Newton's method converges quadratically (precision doubles at
// every iteration). We thus need at most 7 iteration to turn our partial result with one bit of precision
// into the expected uint128 result.
unchecked {
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
result = (result + a / result) >> 1;
return min(result, a / result);
}
}
/**
* @notice Calculates sqrt(a), following the selected rounding direction.
*/
function sqrt(uint256 a, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = sqrt(a);
return result + (rounding == Rounding.Up && result * result < a ? 1 : 0);
}
}
/**
* @dev Return the log in base 2, rounded down, of a positive value.
* Returns 0 if given 0.
*/
function log2(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
unchecked {
if (value >> 128 > 0) {
value >>= 128;
result += 128;
}
if (value >> 64 > 0) {
value >>= 64;
result += 64;
}
if (value >> 32 > 0) {
value >>= 32;
result += 32;
}
if (value >> 16 > 0) {
value >>= 16;
result += 16;
}
if (value >> 8 > 0) {
value >>= 8;
result += 8;
}
if (value >> 4 > 0) {
value >>= 4;
result += 4;
}
if (value >> 2 > 0) {
value >>= 2;
result += 2;
}
if (value >> 1 > 0) {
result += 1;
}
}
return result;
}
/**
* @dev Return the log in base 2, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log2(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log2(value);
return result + (rounding == Rounding.Up && 1 << result < value ? 1 : 0);
}
}
/**
* @dev Return the log in base 10, rounded down, of a positive value.
* Returns 0 if given 0.
*/
function log10(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
unchecked {
if (value >= 10**64) {
value /= 10**64;
result += 64;
}
if (value >= 10**32) {
value /= 10**32;
result += 32;
}
if (value >= 10**16) {
value /= 10**16;
result += 16;
}
if (value >= 10**8) {
value /= 10**8;
result += 8;
}
if (value >= 10**4) {
value /= 10**4;
result += 4;
}
if (value >= 10**2) {
value /= 10**2;
result += 2;
}
if (value >= 10**1) {
result += 1;
}
}
return result;
}
/**
* @dev Return the log in base 10, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log10(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log10(value);
return result + (rounding == Rounding.Up && 10**result < value ? 1 : 0);
}
}
/**
* @dev Return the log in base 256, rounded down, of a positive value.
* Returns 0 if given 0.
*
* Adding one to the result gives the number of pairs of hex symbols needed to represent `value` as a hex string.
*/
function log256(uint256 value) internal pure returns (uint256) {
uint256 result = 0;
unchecked {
if (value >> 128 > 0) {
value >>= 128;
result += 16;
}
if (value >> 64 > 0) {
value >>= 64;
result += 8;
}
if (value >> 32 > 0) {
value >>= 32;
result += 4;
}
if (value >> 16 > 0) {
value >>= 16;
result += 2;
}
if (value >> 8 > 0) {
result += 1;
}
}
return result;
}
/**
* @dev Return the log in base 10, following the selected rounding direction, of a positive value.
* Returns 0 if given 0.
*/
function log256(uint256 value, Rounding rounding) internal pure returns (uint256) {
unchecked {
uint256 result = log256(value);
return result + (rounding == Rounding.Up && 1 << (result * 8) < value ? 1 : 0);
}
}
}// SPDX-License-Identifier: UNLICENSED
pragma solidity 0.8.17;
import {TransferInfo, AppStorage, Role} from "../libraries/LibConnextStorage.sol";
import {LibDiamond} from "../libraries/LibDiamond.sol";
import {AssetLogic} from "../libraries/AssetLogic.sol";
import {TokenId} from "../libraries/TokenId.sol";
import {Constants} from "../libraries/Constants.sol";
contract BaseConnextFacet {
AppStorage internal s;
// ========== Custom Errors ===========
error BaseConnextFacet__onlyOwner_notOwner();
error BaseConnextFacet__onlyProposed_notProposedOwner();
error BaseConnextFacet__onlyOwnerOrRouter_notOwnerOrRouter();
error BaseConnextFacet__onlyOwnerOrWatcher_notOwnerOrWatcher();
error BaseConnextFacet__onlyOwnerOrAdmin_notOwnerOrAdmin();
error BaseConnextFacet__whenNotPaused_paused();
error BaseConnextFacet__nonReentrant_reentrantCall();
error BaseConnextFacet__nonXCallReentrant_reentrantCall();
error BaseConnextFacet__getAdoptedAsset_assetNotFound();
error BaseConnextFacet__getApprovedCanonicalId_notAllowlisted();
// ============ Modifiers ============
/**
* @dev Prevents a contract from calling itself, directly or indirectly.
* Calling a `nonReentrant` function from another `nonReentrant`
* function is not supported. It is possible to prevent this from happening
* by making the `nonReentrant` function external, and making it call a
* `private` function that does the actual work.
*/
modifier nonReentrant() {
// On the first call to nonReentrant, _notEntered will be true
if (s._status == Constants.ENTERED) revert BaseConnextFacet__nonReentrant_reentrantCall();
// Any calls to nonReentrant after this point will fail
s._status = Constants.ENTERED;
_;
// By storing the original value once again, a refund is triggered (see
// https://eips.ethereum.org/EIPS/eip-2200)
s._status = Constants.NOT_ENTERED;
}
modifier nonXCallReentrant() {
// On the first call to nonReentrant, _notEntered will be true
if (s._xcallStatus == Constants.ENTERED) revert BaseConnextFacet__nonXCallReentrant_reentrantCall();
// Any calls to nonReentrant after this point will fail
s._xcallStatus = Constants.ENTERED;
_;
// By storing the original value once again, a refund is triggered (see
// https://eips.ethereum.org/EIPS/eip-2200)
s._xcallStatus = Constants.NOT_ENTERED;
}
/**
* @notice Throws if called by any account other than the owner.
*/
modifier onlyOwner() {
if (LibDiamond.contractOwner() != msg.sender) revert BaseConnextFacet__onlyOwner_notOwner();
_;
}
/**
* @notice Throws if called by any account other than the proposed owner.
*/
modifier onlyProposed() {
if (s._proposed != msg.sender) revert BaseConnextFacet__onlyProposed_notProposedOwner();
_;
}
/**
* @notice Throws if called by any account other than the owner and router role.
*/
modifier onlyOwnerOrRouter() {
if (LibDiamond.contractOwner() != msg.sender && s.roles[msg.sender] != Role.RouterAdmin)
revert BaseConnextFacet__onlyOwnerOrRouter_notOwnerOrRouter();
_;
}
/**
* @notice Throws if called by any account other than the owner and watcher role.
*/
modifier onlyOwnerOrWatcher() {
if (LibDiamond.contractOwner() != msg.sender && s.roles[msg.sender] != Role.Watcher)
revert BaseConnextFacet__onlyOwnerOrWatcher_notOwnerOrWatcher();
_;
}
/**
* @notice Throws if called by any account other than the owner and admin role.
*/
modifier onlyOwnerOrAdmin() {
if (LibDiamond.contractOwner() != msg.sender && s.roles[msg.sender] != Role.Admin)
revert BaseConnextFacet__onlyOwnerOrAdmin_notOwnerOrAdmin();
_;
}
/**
* @notice Throws if all functionality is paused
*/
modifier whenNotPaused() {
if (s._paused) revert BaseConnextFacet__whenNotPaused_paused();
_;
}
// ============ Internal functions ============
/**
* @notice Indicates if the router allowlist has been removed
*/
function _isRouterAllowlistRemoved() internal view returns (bool) {
return LibDiamond.contractOwner() == address(0) || s._routerAllowlistRemoved;
}
/**
* @notice Returns the adopted assets for given canonical information
*/
function _getAdoptedAsset(bytes32 _key) internal view returns (address) {
address adopted = AssetLogic.getConfig(_key).adopted;
if (adopted == address(0)) {
revert BaseConnextFacet__getAdoptedAsset_assetNotFound();
}
return adopted;
}
/**
* @notice Returns the adopted assets for given canonical information
*/
function _getRepresentationAsset(bytes32 _key) internal view returns (address) {
address representation = AssetLogic.getConfig(_key).representation;
// If this is address(0), then there is no mintable token for this asset on this
// domain
return representation;
}
/**
* @notice Calculates a transferId
*/
function _calculateTransferId(TransferInfo memory _params) internal pure returns (bytes32) {
return keccak256(abi.encode(_params));
}
/**
* @notice Internal utility function that combines
* `_origin` and `_nonce`.
* @dev Both origin and nonce should be less than 2^32 - 1
* @param _origin Domain of chain where the transfer originated
* @param _nonce The unique identifier for the message from origin to destination
* @return Returns (`_origin` << 32) & `_nonce`
*/
function _originAndNonce(uint32 _origin, uint32 _nonce) internal pure returns (uint64) {
return (uint64(_origin) << 32) | _nonce;
}
function _getLocalAsset(
bytes32 _key,
bytes32 _id,
uint32 _domain
) internal view returns (address) {
return AssetLogic.getLocalAsset(_key, _id, _domain, s);
}
function _getCanonicalTokenId(address _candidate) internal view returns (TokenId memory) {
return AssetLogic.getCanonicalTokenId(_candidate, s);
}
function _getLocalAndAdoptedToken(
bytes32 _key,
bytes32 _id,
uint32 _domain
) internal view returns (address, address) {
address _local = AssetLogic.getLocalAsset(_key, _id, _domain, s);
address _adopted = _getAdoptedAsset(_key);
return (_local, _adopted);
}
function _isLocalOrigin(address _token) internal view returns (bool) {
return AssetLogic.isLocalOrigin(_token, s);
}
function _getApprovedCanonicalId(address _candidate) internal view returns (TokenId memory, bytes32) {
TokenId memory _canonical = _getCanonicalTokenId(_candidate);
bytes32 _key = AssetLogic.calculateCanonicalHash(_canonical.id, _canonical.domain);
if (!AssetLogic.getConfig(_key).approval) {
revert BaseConnextFacet__getApprovedCanonicalId_notAllowlisted();
}
return (_canonical, _key);
}
}// SPDX-License-Identifier: MIT
pragma solidity 0.8.17;
import {IERC20Metadata} from "@openzeppelin/contracts/interfaces/IERC20Metadata.sol";
import {TypeCasts} from "../../../shared/libraries/TypeCasts.sol";
import {TokenId} from "../libraries/TokenId.sol";
import {AssetLogic} from "../libraries/AssetLogic.sol";
import {TokenConfig} from "../libraries/LibConnextStorage.sol";
import {IStableSwap} from "../interfaces/IStableSwap.sol";
import {IBridgeToken} from "../interfaces/IBridgeToken.sol";
import {BridgeToken} from "../helpers/BridgeToken.sol";
import {BaseConnextFacet} from "./BaseConnextFacet.sol";
contract TokenFacet is BaseConnextFacet {
// ========== Custom Errors ===========
error TokenFacet__addAssetId_alreadyAdded();
error TokenFacet__addAssetId_badMint();
error TokenFacet__addAssetId_badBurn();
error TokenFacet__removeAssetId_notAdded();
error TokenFacet__removeAssetId_invalidParams();
error TokenFacet__removeAssetId_remainsCustodied();
error TokenFacet__updateDetails_localNotFound();
error TokenFacet__updateDetails_onlyRemote();
error TokenFacet__updateDetails_notApproved();
error TokenFacet__enrollAdoptedAndLocalAssets_emptyCanonical();
error TokenFacet__setupAsset_representationListed();
error TokenFacet__setupAsset_invalidCanonicalConfiguration();
error TokenFacet__setupAssetWithDeployedRepresentation_invalidRepresentation();
error TokenFacet__setupAssetWithDeployedRepresentation_onCanonicalDomain();
error TokenFacet__setLiquidityCap_notCanonicalDomain();
// ============ Events ============
/**
* @notice emitted when a representation token contract is deployed
* @param domain the domain of the chain where the canonical asset is deployed
* @param id the bytes32 address of the canonical token contract
* @param representation the address of the newly locally deployed representation contract
*/
event TokenDeployed(uint32 indexed domain, bytes32 indexed id, address indexed representation);
/**
* @notice Emitted when a new stable-swap AMM is added for the local <> adopted token
* @param key - The key in the mapping (hash of canonical id and domain)
* @param canonicalId - The canonical identifier of the token the local <> adopted AMM is for
* @param domain - The domain of the canonical token for the local <> adopted amm
* @param swapPool - The address of the AMM
* @param caller - The account that called the function
*/
event StableSwapAdded(
bytes32 indexed key,
bytes32 indexed canonicalId,
uint32 indexed domain,
address swapPool,
address caller
);
/**
* @notice Emitted when a liquidity cap is updated
* @param key - The key in the mapping (hash of canonical id and domain)
* @param canonicalId - The canonical identifier of the token the local <> adopted AMM is for
* @param domain - The domain of the canonical token for the local <> adopted amm
* @param cap - The newly enforced liquidity cap (if it is 0, no cap is enforced)
* @param caller - The account that called the function
*/
event LiquidityCapUpdated(
bytes32 indexed key,
bytes32 indexed canonicalId,
uint32 indexed domain,
uint256 cap,
address caller
);
/**
* @notice Emitted when a new asset is added
* @param key - The key in the mapping (hash of canonical id and domain)
* @param canonicalId - The canonical identifier of the token the local <> adopted AMM is for
* @param domain - The domain of the canonical token for the local <> adopted amm
* @param adoptedAsset - The address of the adopted (user-expected) asset
* @param localAsset - The address of the local asset
* @param caller - The account that called the function
*/
event AssetAdded(
bytes32 indexed key,
bytes32 indexed canonicalId,
uint32 indexed domain,
address adoptedAsset,
address localAsset,
address caller
);
/**
* @notice Emitted when an asset is removed from allowlists
* @param key - The hash of the canonical identifier and domain of the token removed
* @param caller - The account that called the function
*/
event AssetRemoved(bytes32 indexed key, address caller);
// ============ Getters ============
function canonicalToAdopted(bytes32 _key) public view returns (address) {
return _getAdoptedAsset(_key);
}
function canonicalToAdopted(TokenId calldata _canonical) public view returns (address) {
return _getAdoptedAsset(AssetLogic.calculateCanonicalHash(_canonical.id, _canonical.domain));
}
function adoptedToCanonical(address _adopted) public view returns (TokenId memory) {
TokenId memory canonical = TokenId(s.adoptedToCanonical[_adopted].domain, s.adoptedToCanonical[_adopted].id);
return canonical;
}
function canonicalToRepresentation(bytes32 _key) public view returns (address) {
return _getRepresentationAsset(_key);
}
function canonicalToRepresentation(TokenId calldata _canonical) public view returns (address) {
return _getRepresentationAsset(AssetLogic.calculateCanonicalHash(_canonical.id, _canonical.domain));
}
function representationToCanonical(address _representation) public view returns (TokenId memory) {
TokenId memory canonical = TokenId(
s.representationToCanonical[_representation].domain,
s.representationToCanonical[_representation].id
);
return canonical;
}
function getTokenId(address _candidate) public view returns (TokenId memory) {
return _getCanonicalTokenId(_candidate);
}
function getLocalAndAdoptedToken(bytes32 _id, uint32 _domain) public view returns (address, address) {
return _getLocalAndAdoptedToken(AssetLogic.calculateCanonicalHash(_id, _domain), _id, _domain);
}
function approvedAssets(bytes32 _key) public view returns (bool) {
return s.tokenConfigs[_key].approval;
}
function approvedAssets(TokenId calldata _canonical) public view returns (bool) {
return approvedAssets(AssetLogic.calculateCanonicalHash(_canonical.id, _canonical.domain));
}
function adoptedToLocalExternalPools(bytes32 _key) public view returns (IStableSwap) {
return IStableSwap(s.tokenConfigs[_key].adoptedToLocalExternalPools);
}
function adoptedToLocalExternalPools(TokenId calldata _canonical) public view returns (IStableSwap) {
return adoptedToLocalExternalPools(AssetLogic.calculateCanonicalHash(_canonical.id, _canonical.domain));
}
function getCustodiedAmount(bytes32 _key) public view returns (uint256) {
return s.tokenConfigs[_key].custodied;
}
// ============ Admin functions ============
/**
* @notice Used to add supported assets. This is an admin only function
*
* @dev When allowlisting the canonical asset, all representational assets would be
* allowlisted as well. In the event you have a different adopted asset (i.e. PoS USDC
* on polygon), you should *not* allowlist the adopted asset. The stable swap pool
* address used should allow you to swap between the local <> adopted asset.
*
* If a representation has been deployed at any point, `setupAssetWithDeployedRepresentation`
* should be used instead.
*
* The following can only be added on *REMOTE* domains:
* - `_adoptedAssetId`
* - `_stableSwapPool`
*
* Whereas the `_cap` can only be added on the canonical domain
*
* @param _canonical - The canonical asset to add by id and domain. All representations
* will be allowlisted as well
* @param _canonicalDecimals - The decimals of the canonical asset (will be used for deployed
* representation)
* @param _representationName - The name to be used for the deployed asset
* @param _representationSymbol - The symbol used for the deployed asset
* @param _adoptedAssetId - The used asset id for this domain (e.g. PoS USDC for
* polygon)
* @param _stableSwapPool - The address of the local stableswap pool, if it exists.
*/
function setupAsset(
TokenId calldata _canonical,
uint8 _canonicalDecimals,
string memory _representationName,
string memory _representationSymbol,
address _adoptedAssetId,
address _stableSwapPool,
uint256 _cap
) external onlyOwnerOrAdmin returns (address _local) {
// Calculate the canonical key.
bytes32 key = AssetLogic.calculateCanonicalHash(_canonical.id, _canonical.domain);
bool onCanonical = _canonical.domain == s.domain;
if (onCanonical) {
// On the canonical domain, the local is the canonical address.
_local = TypeCasts.bytes32ToAddress(_canonical.id);
// Sanity check: ensure adopted asset ID == canonical address (or empty).
// This could reflect a user error or miscalculation and lead to unexpected behavior.
// NOTE: Since we're on canonical domain, there should be no stableswap pool provided.
if ((_adoptedAssetId != address(0) && _adoptedAssetId != _local) || _stableSwapPool != address(0)) {
revert TokenFacet__setupAsset_invalidCanonicalConfiguration();
}
// Enroll the asset. Pass in address(0) for adopted: it should use the local asset (i.e. the
// canonical asset in this case) instead for both adopted and local.
_enrollAdoptedAndLocalAssets(true, _canonicalDecimals, address(0), _local, address(0), _canonical, _cap, key);
} else {
// Cannot already have an assigned representation.
// NOTE: *If* it does, it can still be replaced with `setupAssetWithDeployedRepresentation`
if (s.tokenConfigs[key].representation != address(0) || s.tokenConfigs[key].representationDecimals != 0) {
revert TokenFacet__setupAsset_representationListed();
}
// On remote, deploy a local representation.
_local = _deployRepresentation(
_canonical.id,
_canonical.domain,
_canonicalDecimals,
_representationName,
_representationSymbol
);
// Enroll the asset.
_enrollAdoptedAndLocalAssets(
false,
_canonicalDecimals,
_adoptedAssetId,
_local,
_stableSwapPool,
_canonical,
0,
key
);
}
}
/**
* @notice Used to add supported assets, without deploying a unique representation
* asset, and instead using what admins have provided. This is an admin only function
*
* @dev This function does very minimal checks to ensure the correct `_representation`
* token is used. The only enforced checks are:
* - Bridge can mint, and balance of bridge will increase
* - Bridge can burn, and balance of bridge will decrease
*
* However, there are many things that must be checked manually to avoid enrolling a bad
* representation:
* - decimals must always be equal to canonical decimals
* - regular `mint`, `burn`, `ERC20` functionality could be implemented improperly
* - the required interface functions (see `IBridgeToken`) may not be implemented
* - upgradeability could interfere with required functionality
*
* Using this method allows admins to override existing local tokens, and should be used
* carefully.
*
* @param _canonical - The canonical asset to add by id and domain. All representations
* will be whitelisted as well
* @param _representation - The address of the representative asset
* @param _adoptedAssetId - The used asset id for this domain (e.g. PoS USDC for
* polygon)
* @param _stableSwapPool - The address of the local stableswap pool, if it exists.
*/
function setupAssetWithDeployedRepresentation(
TokenId calldata _canonical,
address _representation,
address _adoptedAssetId,
address _stableSwapPool
) external onlyOwnerOrAdmin returns (address) {
if (_representation == address(0)) {
revert TokenFacet__setupAssetWithDeployedRepresentation_invalidRepresentation();
}
if (_canonical.domain == s.domain) {
revert TokenFacet__setupAssetWithDeployedRepresentation_onCanonicalDomain();
}
// Calculate the canonical key.
bytes32 key = AssetLogic.calculateCanonicalHash(_canonical.id, _canonical.domain);
_enrollAdoptedAndLocalAssets(
false,
IERC20Metadata(_representation).decimals(),
_adoptedAssetId,
_representation,
_stableSwapPool,
_canonical,
0,
key
);
return _representation;
}
/**
* @notice Adds a stable swap pool for the local <> adopted asset.
* @dev Must pass in the _canonical information so it can be emitted in event
*/
function addStableSwapPool(TokenId calldata _canonical, address _stableSwapPool) external onlyOwnerOrAdmin {
bytes32 key = AssetLogic.calculateCanonicalHash(_canonical.id, _canonical.domain);
_addStableSwapPool(_canonical, _stableSwapPool, key);
}
/**
* @notice Adds a stable swap pool for the local <> adopted asset.
* @dev Must pass in the _canonical information so it can be emitted in event
*/
function updateLiquidityCap(TokenId calldata _canonical, uint256 _updated) external onlyOwnerOrAdmin {
bytes32 key = AssetLogic.calculateCanonicalHash(_canonical.id, _canonical.domain);
_setLiquidityCap(_canonical, _updated, key);
}
/**
* @notice Used to remove assets from the allowlist
* @param _key - The hash of the canonical id and domain to remove (mapping key)
* @param _adoptedAssetId - Corresponding adopted asset to remove
* @param _representation - Corresponding representation asset to remove
*/
function removeAssetId(
bytes32 _key,
address _adoptedAssetId,
address _representation
) external onlyOwnerOrAdmin {
TokenId memory canonical = s.adoptedToCanonical[_adoptedAssetId];
_removeAssetId(_key, _adoptedAssetId, _representation, canonical);
}
/**
* @notice Used to remove assets from the allowlist
* @param _canonical - The canonical id and domain to remove
* @param _adoptedAssetId - Corresponding adopted asset to remove
* @param _representation - Corresponding representation asset to remove
*/
function removeAssetId(
TokenId calldata _canonical,
address _adoptedAssetId,
address _representation
) external onlyOwnerOrAdmin {
bytes32 key = AssetLogic.calculateCanonicalHash(_canonical.id, _canonical.domain);
_removeAssetId(key, _adoptedAssetId, _representation, _canonical);
}
/**
* @notice Used to update the name and symbol of a local token
* @param _canonical - The canonical id and domain to remove
* @param _name - The new name
* @param _symbol - The new symbol
*/
function updateDetails(
TokenId calldata _canonical,
string memory _name,
string memory _symbol
) external onlyOwnerOrAdmin {
bytes32 key = AssetLogic.calculateCanonicalHash(_canonical.id, _canonical.domain);
address local = AssetLogic.getConfig(key).representation;
if (local == address(0)) {
revert TokenFacet__updateDetails_localNotFound();
}
// Can only happen on remote domains
if (s.domain == _canonical.domain) {
revert TokenFacet__updateDetails_onlyRemote();
}
// ensure asset is currently approved because `s.canonicalToRepresentation` does
// not get cleared when asset is removed from allowlist
if (!s.tokenConfigs[key].approval) {
revert TokenFacet__updateDetails_notApproved();
}
// make sure the asset is still active
IBridgeToken(local).setDetails(_name, _symbol);
}
// ============ Private Functions ============
function _enrollAdoptedAndLocalAssets(
bool _onCanonical,
uint8 _localDecimals,
address _adopted,
address _local,
address _stableSwapPool,
TokenId calldata _canonical,
uint256 _cap,
bytes32 _key
) internal {
// Sanity check: canonical ID and domain are not 0.
if (_canonical.domain == 0 || _canonical.id == bytes32("")) {
revert TokenFacet__enrollAdoptedAndLocalAssets_emptyCanonical();
}
// Get true adopted
bool adoptedIsLocal = _adopted == address(0);
address adopted = adoptedIsLocal ? _local : _adopted;
// Get whether you are on canonical
bool onCanonical = s.domain == _canonical.domain;
// Sanity check: needs approval
if (s.tokenConfigs[_key].approval) revert TokenFacet__addAssetId_alreadyAdded();
// Sanity check: bridge can mint / burn on remote
if (!onCanonical) {
IBridgeToken candidate = IBridgeToken(_local);
uint256 starting = candidate.balanceOf(address(this));
candidate.mint(address(this), 1);
if (candidate.balanceOf(address(this)) != starting + 1) {
revert TokenFacet__addAssetId_badMint();
}
candidate.burn(address(this), 1);
if (candidate.balanceOf(address(this)) != starting) {
revert TokenFacet__addAssetId_badBurn();
}
}
// Generate Config
// NOTE: Using address(0) for stable swap, then using `_addStableSwap`. Slightly less
// efficient, but preserves events. Same case for cap / custodied.
// NOTE: IFF on canonical domain, `representation` must *always* be address(0)!
s.tokenConfigs[_key] = TokenConfig(
_onCanonical ? address(0) : _local, // representation
_localDecimals, // representationDecimals
adopted, // adopted
adoptedIsLocal ? _localDecimals : IERC20Metadata(adopted).decimals(), // adoptedDecimals
address(0), // adoptedToLocalExternalPools, see note
true, // approval
0, // cap, see note
0 // custodied, see note
);
// Update reverse lookups
// Update the adopted mapping using convention of local == adopted iff (_adopted == address(0))
s.adoptedToCanonical[adopted].domain = _canonical.domain;
s.adoptedToCanonical[adopted].id = _canonical.id;
if (!_onCanonical) {
// Update the local <> canonical. Representations only exist on non-canonical domains.
s.representationToCanonical[_local].domain = _canonical.domain;
s.representationToCanonical[_local].id = _canonical.id;
// Update swap (on the canonical domain, there is no representation / pool).
_addStableSwapPool(_canonical, _stableSwapPool, _key);
} else if (_cap > 0) {
// Update cap (only on canonical domain).
_setLiquidityCap(_canonical, _cap, _key);
}
// Emit event
emit AssetAdded(_key, _canonical.id, _canonical.domain, adopted, _local, msg.sender);
}
/**
* @notice Used to add an AMM for adopted <> local assets
* @param _canonical - The canonical TokenId to add (domain and id)
* @param _stableSwap - The address of the amm to add
* @param _key - The hash of the canonical id and domain
*/
function _addStableSwapPool(
TokenId calldata _canonical,
address _stableSwap,
bytes32 _key
) internal {
// Update the pool mapping
s.tokenConfigs[_key].adoptedToLocalExternalPools = _stableSwap;
// Emit event
emit StableSwapAdded(_key, _canonical.id, _canonical.domain, _stableSwap, msg.sender);
}
/**
* @notice Used to add a cap on amount of custodied canonical asset
* @dev The `custodied` amount will only increase in real time as router liquidity
* and xcall are used and the cap is set (i.e. if cap is removed, `custodied` values are
* no longer updated or enforced).
*
* When the `cap` is updated, the `custodied` value is set to the balance of the contract,
* which is distinct from *retrievable* funds from the contracts (i.e. could include the
* value someone just sent directly to the contract). Whenever you are updating the cap, you
* should set the value with this in mind.
*
* @param _canonical - The canonical TokenId to add (domain and id)
* @param _updated - The updated liquidity cap value
* @param _key - The hash of the canonical id and domain
*/
function _setLiquidityCap(
TokenId calldata _canonical,
uint256 _updated,
bytes32 _key
) internal {
if (s.domain != _canonical.domain) {
revert TokenFacet__setLiquidityCap_notCanonicalDomain();
}
// Update the stored cap
s.tokenConfigs[_key].cap = _updated;
if (_updated > 0) {
// Update the custodied value to be the balance of this contract
address canonical = TypeCasts.bytes32ToAddress(_canonical.id);
s.tokenConfigs[_key].custodied = IERC20Metadata(canonical).balanceOf(address(this));
}
emit LiquidityCapUpdated(_key, _canonical.id, _canonical.domain, _updated, msg.sender);
}
/**
* @notice Used to remove assets from the allowlist
*
* @dev When you are removing an asset, `xcall` will fail but `handle` and `execute` will not to
* allow for inflight transfers to be addressed. Similarly, the `repayAavePortal` function will
* work.
*
* @param _key - The hash of the canonical id and domain to remove (mapping key)
* @param _adoptedAssetId - Corresponding adopted asset to remove
* @param _representation - Corresponding representation asset (i.e. bridged asset) to remove.
* @param _canonical - The TokenId (canonical ID and domain) of the asset.
*/
function _removeAssetId(
bytes32 _key,
address _adoptedAssetId,
address _representation,
TokenId memory _canonical
) internal {
TokenConfig storage config = s.tokenConfigs[_key];
// Sanity check: already approval
if (!config.approval) revert TokenFacet__removeAssetId_notAdded();
// Sanity check: consistent set of params
if (config.adopted != _adoptedAssetId || config.representation != _representation)
revert TokenFacet__removeAssetId_invalidParams();
bool onCanonical = s.domain == _canonical.domain;
if (onCanonical) {
// Sanity check: no value custodied if on canonical domain
address canonicalAsset = TypeCasts.bytes32ToAddress(_canonical.id);
// Check custodied amount for the given canonical asset address.
// NOTE: if the `cap` is not set, the `custodied` value will not continue to be updated,
// so you must use the `balanceOf` for accurate accounting. If there are funds held
// on these contracts, then when you remove the asset id, the assets cannot be bridged back and
// become worthless. This means the bridged assets would become worthless.
// An attacker could prevent admins from removing an asset by sending funds to this contract,
// but all of the liquidity should already be removed before this function is called.
if (IERC20Metadata(canonicalAsset).balanceOf(address(this)) > 0) {
revert TokenFacet__removeAssetId_remainsCustodied();
}
} else {
// Sanity check: supply is 0 if on remote domain.
if (IBridgeToken(_representation).totalSupply() > 0) {
revert TokenFacet__removeAssetId_remainsCustodied();
}
}
// Delete token config from configs mapping.
// NOTE: we do NOT delete the representation entries from the config. This is
// done to prevent multiple representations being deployed in `setupAsset`
delete s.tokenConfigs[_key].adopted;
delete s.tokenConfigs[_key].adoptedDecimals;
delete s.tokenConfigs[_key].adoptedToLocalExternalPools;
delete s.tokenConfigs[_key].approval;
delete s.tokenConfigs[_key].cap;
// NOTE: custodied will always be 0 at this point
// Delete from reverse lookups
delete s.representationToCanonical[_representation];
delete s.adoptedToCanonical[_adoptedAssetId];
// Emit event
emit AssetRemoved(_key, msg.sender);
}
/**
* @notice Deploy and initialize a new token contract
* @dev Each token contract is a proxy which
* points to the token upgrade beacon
* @return _token the address of the token contract
*/
function _deployRepresentation(
bytes32 _id,
uint32 _domain,
uint8 _decimals,
string memory _name,
string memory _symbol
) internal returns (address _token) {
// deploy the token contract
_token = address(new BridgeToken(_decimals, _name, _symbol));
// emit event upon deploying new token
emit TokenDeployed(_domain, _id, _token);
}
}// SPDX-License-Identifier: MIT OR Apache-2.0
pragma solidity 0.8.17;
import {Ownable} from "@openzeppelin/contracts/access/Ownable.sol";
import {IBridgeToken} from "../interfaces/IBridgeToken.sol";
import {ERC20} from "./OZERC20.sol";
contract BridgeToken is IBridgeToken, Ownable, ERC20 {
// ============ Constructor ============
constructor(
uint8 decimals_,
string memory name_,
string memory symbol_
) Ownable() ERC20(decimals_, name_, symbol_, "1") {}
// ============ Events ============
event UpdateDetails(string indexed name, string indexed symbol);
// ============ Admin Functions ============
/**
* @notice Destroys `_amnt` tokens from `_from`, reducing the
* total supply.
* @dev Emits a {Transfer} event with `to` set to the zero address.
* Requirements:
* - `_from` cannot be the zero address.
* - `_from` must have at least `_amnt` tokens.
* @param _from The address from which to destroy the tokens
* @param _amnt The amount of tokens to be destroyed
*/
function burn(address _from, uint256 _amnt) external override onlyOwner {
_burn(_from, _amnt);
}
/** @notice Creates `_amnt` tokens and assigns them to `_to`, increasing
* the total supply.
* @dev Emits a {Transfer} event with `from` set to the zero address.
* Requirements:
* - `to` cannot be the zero address.
* @param _to The destination address
* @param _amnt The amount of tokens to be minted
*/
function mint(address _to, uint256 _amnt) external override onlyOwner {
_mint(_to, _amnt);
}
/**
* @notice Set the details of a token
* @param _newName The new name
* @param _newSymbol The new symbol
*/
function setDetails(string calldata _newName, string calldata _newSymbol) external override onlyOwner {
// careful with naming convention change here
_name = _newName;
_symbol = _newSymbol;
bytes32 hashedName = keccak256(bytes(_newName));
_HASHED_NAME = hashedName;
_CACHED_DOMAIN_SEPARATOR = _buildDomainSeparator(_TYPE_HASH, hashedName, _HASHED_VERSION);
emit UpdateDetails(_newName, _newSymbol);
}
}// SPDX-License-Identifier: UNLICENSED
pragma solidity 0.8.17;
import {ERC20Upgradeable} from "@openzeppelin/contracts-upgradeable/token/ERC20/extensions/ERC20BurnableUpgradeable.sol";
import {OwnableUpgradeable} from "@openzeppelin/contracts-upgradeable/access/OwnableUpgradeable.sol";
/**
* @title Liquidity Provider Token
* @notice This token is an ERC20 detailed token with added capability to be minted by the owner.
* It is used to represent user's shares when providing liquidity to swap contracts.
* @dev Only Swap contracts should initialize and own LPToken contracts.
*/
contract LPToken is ERC20Upgradeable, OwnableUpgradeable {
// ============ Storage ============
// ============ Initializer ============
/**
* @notice Initializes this LPToken contract with the given name and symbol
* @dev The caller of this function will become the owner. A Swap contract should call this
* in its initializer function.
* @param name name of this token
* @param symbol symbol of this token
*/
function initialize(string memory name, string memory symbol) external initializer returns (bool) {
__Context_init_unchained();
__ERC20_init_unchained(name, symbol);
__Ownable_init_unchained();
return true;
}
// ============ External functions ============
/**
* @notice Mints the given amount of LPToken to the recipient.
* @dev only owner can call this mint function
* @param recipient address of account to receive the tokens
* @param amount amount of tokens to mint
*/
function mint(address recipient, uint256 amount) external onlyOwner {
require(amount != 0, "LPToken: cannot mint 0");
_mint(recipient, amount);
}
/**
* @notice Burns the given amount of LPToken from provided account
* @dev only owner can call this burn function
* @param account address of account from which to burn token
* @param amount amount of tokens to mint
*/
function burnFrom(address account, uint256 amount) external onlyOwner {
require(amount != 0, "LPToken: cannot burn 0");
_burn(account, amount);
}
// ============ Internal functions ============
/**
* @dev Overrides ERC20._beforeTokenTransfer() which get called on every transfers including
* minting and burning. This ensures that Swap.updateUserWithdrawFees are called everytime.
* This assumes the owner is set to a Swap contract's address.
*/
function _beforeTokenTransfer(
address from,
address to,
uint256 amount
) internal virtual override(ERC20Upgradeable) {
super._beforeTokenTransfer(from, to, amount);
require(to != address(this), "LPToken: cannot send to itself");
}
// ============ Upgrade Gap ============
uint256[50] private __GAP; // gap for upgrade safety
}// SPDX-License-Identifier: MIT
pragma solidity 0.8.17;
// This is modified from "@openzeppelin/contracts/token/ERC20/IERC20.sol"
// Modifications were made to allow the name, hashed name, and cached
// domain separator to be internal
import "@openzeppelin/contracts/token/ERC20/extensions/IERC20Metadata.sol";
import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import "@openzeppelin/contracts/token/ERC20/extensions/draft-IERC20Permit.sol";
import {EIP712} from "@openzeppelin/contracts/utils/cryptography/EIP712.sol";
import {ECDSA} from "@openzeppelin/contracts/utils/cryptography/ECDSA.sol";
import "@openzeppelin/contracts/utils/Counters.sol";
/**
* @dev Implementation of the {IERC20} interface.
*
* Implements ERC20 Permit extension allowing approvals to be made via
* signatures, as defined in https://eips.ethereum.org/EIPS/eip-2612[EIP-2612].
*
* Adds the {permit} method, which can be used to change an account's ERC20
* allowance (see {IERC20-allowance}) by presenting a message signed by the
* account. By not relying on {IERC20-approve}, the token holder account doesn't
* need to send a transaction, and thus is not required to hold Ether at all.
*
* This implementation is agnostic to the way tokens are created. This means
* that a supply mechanism has to be added in a derived contract using {_mint}.
* For a generic mechanism see {ERC20PresetMinterPauser}.
*
* TIP: For a detailed writeup see our guide
* https://forum.zeppelin.solutions/t/how-to-implement-erc20-supply-mechanisms/226[How
* to implement supply mechanisms].
*
* We have followed general OpenZeppelin guidelines: functions revert instead
* of returning `false` on failure. This behavior is nonetheless conventional
* and does not conflict with the expectations of ERC20 applications.
*
* Additionally, an {Approval} event is emitted on calls to {transferFrom}.
* This allows applications to reconstruct the allowance for all accounts just
* by listening to said events. Other implementations of the EIP may not emit
* these events, as it isn't required by the specification.
*
* Finally, the non-standard {decreaseAllowance} and {increaseAllowance}
* functions have been added to mitigate the well-known issues around setting
* allowances. See {IERC20-approve}.
*
* @dev Cannot use default ERC20/ERC20Permit implementation as there is no way to update
* the name (set to private).
*
* Cannot use default EIP712 implementation as the _HASHED_NAME may change.
* These functions use the same implementation, with easier storage access.
*/
contract ERC20 is IERC20Metadata, IERC20Permit {
// See ERC20
mapping(address => uint256) private _balances;
mapping(address => mapping(address => uint256)) private _allowances;
uint256 private _totalSupply;
string internal _name; // made internal, need access
string internal _symbol; // made internal, need access
uint8 internal _decimals; // made internal, need access
// See ERC20Permit
using Counters for Counters.Counter;
mapping(address => Counters.Counter) private _nonces;
// See EIP712
// Immutables used in EIP 712 structured data hashing & signing
// https://eips.ethereum.org/EIPS/eip-712
bytes32 private constant _PERMIT_TYPEHASH =
keccak256("Permit(address owner,address spender,uint256 value,uint256 nonce,uint256 deadline)");
bytes32 internal constant _TYPE_HASH =
keccak256("EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)");
// made internal, need access
// Cache the domain separator as an immutable value, but also store the chain id that it corresponds to, in order to
// invalidate the cached domain separator if the chain id changes.
bytes32 internal _CACHED_DOMAIN_SEPARATOR; // made internal, may change
uint256 private immutable _CACHED_CHAIN_ID;
address private immutable _CACHED_THIS;
bytes32 internal _HASHED_NAME; // made internal, may change
bytes32 internal immutable _HASHED_VERSION; // made internal, need access
/**
* @dev Initializes the {EIP712} domain separator using the `name` parameter,
* and setting `version` to `"1"`.
*
* It's a good idea to use the same `name` that is defined as the ERC20 token name.
*/
constructor(
uint8 decimals_,
string memory name_,
string memory symbol_,
string memory version_
) {
// ERC20
_name = name_;
_symbol = symbol_;
_decimals = decimals_;
// EIP712
bytes32 hashedName = keccak256(bytes(name_));
bytes32 hashedVersion = keccak256(bytes(version_));
_HASHED_NAME = hashedName;
_HASHED_VERSION = hashedVersion;
_CACHED_CHAIN_ID = block.chainid;
_CACHED_DOMAIN_SEPARATOR = _buildDomainSeparator(_TYPE_HASH, hashedName, hashedVersion);
_CACHED_THIS = address(this);
}
/**
* @dev Returns the name of the token.
*/
function name() public view virtual override returns (string memory) {
return _name;
}
/**
* @dev Returns the symbol of the token, usually a shorter version of the
* name.
*/
function symbol() public view virtual override returns (string memory) {
return _symbol;
}
/**
* @dev Returns the number of decimals used to get its user representation.
* For example, if `decimals` equals `2`, a balance of `505` tokens should
* be displayed to a user as `5.05` (`505 / 10 ** 2`).
*
* Tokens usually opt for a value of 18, imitating the relationship between
* Ether and Wei. This is the value {ERC20} uses, unless this function is
* overridden;
*
* NOTE: This information is only used for _display_ purposes: it in
* no way affects any of the arithmetic of the contract, including
* {IERC20-balanceOf} and {IERC20-transfer}.
*/
function decimals() public view virtual override returns (uint8) {
return _decimals;
}
/**
* @dev See {IERC20-totalSupply}.
*/
function totalSupply() public view virtual override returns (uint256) {
return _totalSupply;
}
/**
* @dev See {IERC20-balanceOf}.
*/
function balanceOf(address account) public view virtual override returns (uint256) {
return _balances[account];
}
/**
* @dev See {IERC20-transfer}.
*
* Requirements:
*
* - `to` cannot be the zero address.
* - the caller must have a balance of at least `amount`.
*/
function transfer(address to, uint256 amount) public virtual override returns (bool) {
_transfer(msg.sender, to, amount);
return true;
}
/**
* @dev See {IERC20-allowance}.
*/
function allowance(address _owner, address _spender) public view virtual override returns (uint256) {
return _allowances[_owner][_spender];
}
/**
* @dev See {IERC20-approve}.
*
* NOTE: If `amount` is the maximum `uint256`, the allowance is not updated on
* `transferFrom`. This is semantically equivalent to an infinite approval.
*
* Requirements:
*
* - `spender` cannot be the zero address.
*/
function approve(address spender, uint256 amount) public virtual override returns (bool) {
_approve(msg.sender, spender, amount);
return true;
}
/**
* @dev See {IERC20-transferFrom}.
*
* Emits an {Approval} event indicating the updated allowance. This is not
* required by the EIP. See the note at the beginning of {ERC20}.
*
* Requirements:
*
* - `_sender` and `recipient` cannot be the zero address.
* - `_sender` must have a balance of at least `amount`.
* - the caller must have allowance for ``_sender``'s tokens of at least
* `amount`.
*/
function transferFrom(
address _sender,
address _recipient,
uint256 _amount
) public virtual override returns (bool) {
_spendAllowance(_sender, msg.sender, _amount);
_transfer(_sender, _recipient, _amount);
return true;
}
/**
* @dev Atomically increases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `_spender` cannot be the zero address.
*/
function increaseAllowance(address _spender, uint256 _addedValue) public virtual returns (bool) {
_approve(msg.sender, _spender, _allowances[msg.sender][_spender] + _addedValue);
return true;
}
/**
* @dev Atomically decreases the allowance granted to `spender` by the caller.
*
* This is an alternative to {approve} that can be used as a mitigation for
* problems described in {IERC20-approve}.
*
* Emits an {Approval} event indicating the updated allowance.
*
* Requirements:
*
* - `_spender` cannot be the zero address.
* - `_spender` must have allowance for the caller of at least
* `_subtractedValue`.
*/
function decreaseAllowance(address _spender, uint256 _subtractedValue) public virtual returns (bool) {
uint256 currentAllowance = allowance(msg.sender, _spender);
require(currentAllowance >= _subtractedValue, "ERC20: decreased allowance below zero");
unchecked {
_approve(msg.sender, _spender, currentAllowance - _subtractedValue);
}
return true;
}
/**
* @dev Moves tokens `amount` from `_sender` to `_recipient`.
*
* This is internal function is equivalent to {transfer}, and can be used to
* e.g. implement automatic token fees, slashing mechanisms, etc.
*
* Emits a {Transfer} event.
*
* Requirements:
*
* - `_sender` cannot be the zero address.
* - `_recipient` cannot be the zero address.
* - `_sender` must have a balance of at least `amount`.
*/
function _transfer(
address _sender,
address _recipient,
uint256 _amount
) internal virtual {
require(_sender != address(0), "ERC20: transfer from the zero address");
require(_recipient != address(0), "ERC20: transfer to the zero address");
_beforeTokenTransfer(_sender, _recipient, _amount);
uint256 fromBalance = _balances[_sender];
require(fromBalance >= _amount, "ERC20: transfer amount exceeds balance");
unchecked {
_balances[_sender] = fromBalance - _amount;
// Overflow not possible: the sum of all balances is capped by totalSupply, and the sum is preserved by
// decrementing then incrementing.
_balances[_recipient] += _amount;
}
emit Transfer(_sender, _recipient, _amount);
_afterTokenTransfer(_sender, _recipient, _amount);
}
/** @dev Creates `_amount` tokens and assigns them to `_account`, increasing
* the total supply.
*
* Emits a {Transfer} event with `from` set to the zero address.
*
* Requirements:
*
* - `to` cannot be the zero address.
*/
function _mint(address _account, uint256 _amount) internal virtual {
require(_account != address(0), "ERC20: mint to the zero address");
_beforeTokenTransfer(address(0), _account, _amount);
_totalSupply += _amount;
unchecked {
// Overflow not possible: balance + amount is at most totalSupply + amount, which is checked above.
_balances[_account] += _amount;
}
emit Transfer(address(0), _account, _amount);
_afterTokenTransfer(address(0), _account, _amount);
}
/**
* @dev Destroys `_amount` tokens from `_account`, reducing the
* total supply.
*
* Emits a {Transfer} event with `to` set to the zero address.
*
* Requirements:
*
* - `_account` cannot be the zero address.
* - `_account` must have at least `_amount` tokens.
*/
function _burn(address _account, uint256 _amount) internal virtual {
require(_account != address(0), "ERC20: burn from the zero address");
_beforeTokenTransfer(_account, address(0), _amount);
uint256 accountBalance = _balances[_account];
require(accountBalance >= _amount, "ERC20: burn amount exceeds balance");
unchecked {
_balances[_account] = accountBalance - _amount;
// Overflow not possible: amount <= accountBalance <= totalSupply
_totalSupply -= _amount;
}
emit Transfer(_account, address(0), _amount);
_afterTokenTransfer(_account, address(0), _amount);
}
/**
* @dev Sets `_amount` as the allowance of `_spender` over the `_owner` s tokens.
*
* This internal function is equivalent to `approve`, and can be used to
* e.g. set automatic allowances for certain subsystems, etc.
*
* Emits an {Approval} event.
*
* Requirements:
*
* - `_owner` cannot be the zero address.
* - `_spender` cannot be the zero address.
*/
function _approve(
address _owner,
address _spender,
uint256 _amount
) internal virtual {
require(_owner != address(0), "ERC20: approve from the zero address");
require(_spender != address(0), "ERC20: approve to the zero address");
_allowances[_owner][_spender] = _amount;
emit Approval(_owner, _spender, _amount);
}
/**
* @dev Updates `_owner` s allowance for `_spender` based on spent `_amount`.
*
* Does not update the allowance amount in case of infinite allowance.
* Revert if not enough allowance is available.
*
* Might emit an {Approval} event.
*/
function _spendAllowance(
address _owner,
address _spender,
uint256 _amount
) internal virtual {
uint256 currentAllowance = allowance(_owner, _spender);
if (currentAllowance != type(uint256).max) {
require(currentAllowance >= _amount, "ERC20: insufficient allowance");
unchecked {
_approve(_owner, _spender, currentAllowance - _amount);
}
}
}
/**
* @dev Hook that is called before any transfer of tokens. This includes
* minting and burning.
*
* Calling conditions:
*
* - when `_from` and `_to` are both non-zero, `_amount` of ``_from``'s tokens
* will be to transferred to `_to`.
* - when `_from` is zero, `_amount` tokens will be minted for `_to`.
* - when `_to` is zero, `_amount` of ``_from``'s tokens will be burned.
* - `_from` and `_to` are never both zero.
*
* To learn more about hooks, head to xref:ROOT:extending-contracts.adoc#using-hooks[Using Hooks].
*/
function _beforeTokenTransfer(
address _from,
address _to,
uint256 _amount
) internal virtual {}
/**
* @dev Hook that is called after any transfer of tokens. This includes
* minting and burning.
*
* Calling conditions:
*
* - when `from` and `to` are both non-zero, `amount` of ``from``'s tokens
* has been transferred to `to`.
* - when `from` is zero, `amount` tokens have been minted for `to`.
* - when `to` is zero, `amount` of ``from``'s tokens have been burned.
* - `from` and `to` are never both zero.
*
* To learn more about hooks, head to xref:ROOT:extending-contracts.adoc#using-hooks[Using Hooks].
*/
function _afterTokenTransfer(
address _from,
address _to,
uint256 _amount
) internal virtual {}
/**
* @dev See {IERC20Permit-permit}.
* @notice Sets approval from owner to spender to value
* as long as deadline has not passed
* by submitting a valid signature from owner
* Uses EIP 712 structured data hashing & signing
* https://eips.ethereum.org/EIPS/eip-712
* @param _owner The account setting approval & signing the message
* @param _spender The account receiving approval to spend owner's tokens
* @param _value The amount to set approval for
* @param _deadline The timestamp before which the signature must be submitted
* @param _v ECDSA signature v
* @param _r ECDSA signature r
* @param _s ECDSA signature s
*/
function permit(
address _owner,
address _spender,
uint256 _value,
uint256 _deadline,
uint8 _v,
bytes32 _r,
bytes32 _s
) public virtual override {
require(block.timestamp <= _deadline, "ERC20Permit: expired deadline");
bytes32 _structHash = keccak256(
abi.encode(_PERMIT_TYPEHASH, _owner, _spender, _value, _useNonce(_owner), _deadline)
);
bytes32 _hash = _hashTypedDataV4(_structHash);
address _signer = ECDSA.recover(_hash, _v, _r, _s);
require(_signer == _owner, "ERC20Permit: invalid signature");
_approve(_owner, _spender, _value);
}
/**
* @dev See {IERC20Permit-nonces}.
*/
function nonces(address _owner) public view virtual override returns (uint256) {
return _nonces[_owner].current();
}
/**
* @dev See {IERC20Permit-DOMAIN_SEPARATOR}.
* This is ALWAYS calculated at runtime because the token name is mutable, not constant.
*/
function DOMAIN_SEPARATOR() external view override returns (bytes32) {
return _domainSeparatorV4();
}
/**
* @dev "Consume a nonce": return the current value and increment.
* @dev See {EIP712._buildDomainSeparator}
*/
function _useNonce(address _owner) internal virtual returns (uint256 current) {
Counters.Counter storage nonce = _nonces[_owner];
current = nonce.current();
nonce.increment();
}
/**
* @dev Returns the domain separator for the current chain.
* @dev See {EIP712._buildDomainSeparator}
*/
function _domainSeparatorV4() internal view returns (bytes32) {
if (address(this) == _CACHED_THIS && block.chainid == _CACHED_CHAIN_ID) {
return _CACHED_DOMAIN_SEPARATOR;
} else {
return _buildDomainSeparator(_TYPE_HASH, _HASHED_NAME, _HASHED_VERSION);
}
}
/**
* @dev See {EIP712._buildDomainSeparator}. Made internal to allow usage in parent class.
*/
function _buildDomainSeparator(
bytes32 typeHash,
bytes32 nameHash,
bytes32 versionHash
) internal view returns (bytes32) {
return keccak256(abi.encode(typeHash, nameHash, versionHash, block.chainid, address(this)));
}
/**
* @dev Given an already https://eips.ethereum.org/EIPS/eip-712#definition-of-hashstruct[hashed struct], this
* function returns the hash of the fully encoded EIP712 message for this domain.
*
* This hash can be used together with {ECDSA-recover} to obtain the signer of a message. For example:
*
* ```solidity
* bytes32 digest = _hashTypedDataV4(keccak256(abi.encode(
* keccak256("Mail(address to,string contents)"),
* mailTo,
* keccak256(bytes(mailContents))
* )));
* address signer = ECDSA.recover(digest, signature);
* ```
*/
function _hashTypedDataV4(bytes32 structHash) internal view virtual returns (bytes32) {
return ECDSA.toTypedDataHash(_domainSeparatorV4(), structHash);
}
}// SPDX-License-Identifier: MIT OR Apache-2.0
pragma solidity 0.8.17;
import {IERC20Metadata} from "@openzeppelin/contracts/token/ERC20/extensions/IERC20Metadata.sol";
interface IBridgeToken is IERC20Metadata {
function burn(address _from, uint256 _amnt) external;
function mint(address _to, uint256 _amnt) external;
function setDetails(string calldata _name, string calldata _symbol) external;
}// SPDX-License-Identifier: MIT pragma solidity 0.8.17; /******************************************************************************\ * Author: Nick Mudge <[email protected]> (https://twitter.com/mudgen) * EIP-2535 Diamonds: https://eips.ethereum.org/EIPS/eip-2535 /******************************************************************************/ interface IDiamondCut { enum FacetCutAction { Add, Replace, Remove } // Add=0, Replace=1, Remove=2 struct FacetCut { address facetAddress; FacetCutAction action; bytes4[] functionSelectors; } /// @notice Propose to add/replace/remove any number of functions and optionally execute /// a function with delegatecall /// @param _diamondCut Contains the facet addresses and function selectors /// @param _init The address of the contract or facet to execute _calldata /// @param _calldata A function call, including function selector and arguments /// _calldata is executed with delegatecall on _init function proposeDiamondCut( FacetCut[] calldata _diamondCut, address _init, bytes calldata _calldata ) external; event DiamondCutProposed(FacetCut[] _diamondCut, address _init, bytes _calldata, uint256 deadline); /// @notice Add/replace/remove any number of functions and optionally execute /// a function with delegatecall /// @param _diamondCut Contains the facet addresses and function selectors /// @param _init The address of the contract or facet to execute _calldata /// @param _calldata A function call, including function selector and arguments /// _calldata is executed with delegatecall on _init function diamondCut( FacetCut[] calldata _diamondCut, address _init, bytes calldata _calldata ) external; event DiamondCut(FacetCut[] _diamondCut, address _init, bytes _calldata); /// @notice Propose to add/replace/remove any number of functions and optionally execute /// a function with delegatecall /// @param _diamondCut Contains the facet addresses and function selectors /// @param _init The address of the contract or facet to execute _calldata /// @param _calldata A function call, including function selector and arguments /// _calldata is executed with delegatecall on _init function rescindDiamondCut( FacetCut[] calldata _diamondCut, address _init, bytes calldata _calldata ) external; /** * @notice Returns the acceptance time for a given proposal * @param _diamondCut Contains the facet addresses and function selectors * @param _init The address of the contract or facet to execute _calldata * @param _calldata A function call, including function selector and arguments _calldata is * executed with delegatecall on _init */ function getAcceptanceTime( FacetCut[] calldata _diamondCut, address _init, bytes calldata _calldata ) external returns (uint256); event DiamondCutRescinded(FacetCut[] _diamondCut, address _init, bytes _calldata); }
// SPDX-License-Identifier: UNLICENSED
pragma solidity 0.8.17;
import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
interface IStableSwap {
/*** EVENTS ***/
// events replicated from SwapUtils to make the ABI easier for dumb
// clients
event TokenSwap(address indexed buyer, uint256 tokensSold, uint256 tokensBought, uint128 soldId, uint128 boughtId);
event AddLiquidity(
address indexed provider,
uint256[] tokenAmounts,
uint256[] fees,
uint256 invariant,
uint256 lpTokenSupply
);
event RemoveLiquidity(address indexed provider, uint256[] tokenAmounts, uint256 lpTokenSupply);
event RemoveLiquidityOne(
address indexed provider,
uint256 lpTokenAmount,
uint256 lpTokenSupply,
uint256 boughtId,
uint256 tokensBought
);
event RemoveLiquidityImbalance(
address indexed provider,
uint256[] tokenAmounts,
uint256[] fees,
uint256 invariant,
uint256 lpTokenSupply
);
event NewAdminFee(uint256 newAdminFee);
event NewSwapFee(uint256 newSwapFee);
event NewWithdrawFee(uint256 newWithdrawFee);
event RampA(uint256 oldA, uint256 newA, uint256 initialTime, uint256 futureTime);
event StopRampA(uint256 currentA, uint256 time);
function swap(
uint8 tokenIndexFrom,
uint8 tokenIndexTo,
uint256 dx,
uint256 minDy,
uint256 deadline
) external returns (uint256);
function swapExact(
uint256 amountIn,
address assetIn,
address assetOut,
uint256 minAmountOut,
uint256 deadline
) external payable returns (uint256);
function swapExactOut(
uint256 amountOut,
address assetIn,
address assetOut,
uint256 maxAmountIn,
uint256 deadline
) external payable returns (uint256);
function getA() external view returns (uint256);
function getToken(uint8 index) external view returns (IERC20);
function getTokenIndex(address tokenAddress) external view returns (uint8);
function getTokenBalance(uint8 index) external view returns (uint256);
function getVirtualPrice() external view returns (uint256);
// min return calculation functions
function calculateSwap(
uint8 tokenIndexFrom,
uint8 tokenIndexTo,
uint256 dx
) external view returns (uint256);
function calculateSwapOut(
uint8 tokenIndexFrom,
uint8 tokenIndexTo,
uint256 dy
) external view returns (uint256);
function calculateSwapFromAddress(
address assetIn,
address assetOut,
uint256 amountIn
) external view returns (uint256);
function calculateSwapOutFromAddress(
address assetIn,
address assetOut,
uint256 amountOut
) external view returns (uint256);
function calculateTokenAmount(uint256[] calldata amounts, bool deposit) external view returns (uint256);
function calculateRemoveLiquidity(uint256 amount) external view returns (uint256[] memory);
function calculateRemoveLiquidityOneToken(uint256 tokenAmount, uint8 tokenIndex)
external
view
returns (uint256 availableTokenAmount);
// state modifying functions
function initialize(
IERC20[] memory pooledTokens,
uint8[] memory decimals,
string memory lpTokenName,
string memory lpTokenSymbol,
uint256 a,
uint256 fee,
uint256 adminFee,
address lpTokenTargetAddress
) external;
function addLiquidity(
uint256[] calldata amounts,
uint256 minToMint,
uint256 deadline
) external returns (uint256);
function removeLiquidity(
uint256 amount,
uint256[] calldata minAmounts,
uint256 deadline
) external returns (uint256[] memory);
function removeLiquidityOneToken(
uint256 tokenAmount,
uint8 tokenIndex,
uint256 minAmount,
uint256 deadline
) external returns (uint256);
function removeLiquidityImbalance(
uint256[] calldata amounts,
uint256 maxBurnAmount,
uint256 deadline
) external returns (uint256);
}// SPDX-License-Identifier: UNLICENSED
pragma solidity 0.8.17;
import {SwapUtils} from "./SwapUtils.sol";
import {Constants} from "./Constants.sol";
/**
* @title AmplificationUtils library
* @notice A library to calculate and ramp the A parameter of a given `SwapUtils.Swap` struct.
* This library assumes the struct is fully validated.
*/
library AmplificationUtils {
event RampA(uint256 oldA, uint256 newA, uint256 initialTime, uint256 futureTime);
event StopRampA(uint256 currentA, uint256 time);
/**
* @notice Return A, the amplification coefficient * n ** (n - 1)
* @dev See the StableSwap paper for details
* @param self Swap struct to read from
* @return A parameter
*/
function getA(SwapUtils.Swap storage self) internal view returns (uint256) {
return _getAPrecise(self) / Constants.A_PRECISION;
}
/**
* @notice Return A in its raw precision
* @dev See the StableSwap paper for details
* @param self Swap struct to read from
* @return A parameter in its raw precision form
*/
function getAPrecise(SwapUtils.Swap storage self) internal view returns (uint256) {
return _getAPrecise(self);
}
/**
* @notice Return A in its raw precision
* @dev See the StableSwap paper for details
* @param self Swap struct to read from
* @return currentA A parameter in its raw precision form
*/
function _getAPrecise(SwapUtils.Swap storage self) internal view returns (uint256 currentA) {
uint256 t1 = self.futureATime; // time when ramp is finished
currentA = self.futureA; // final A value when ramp is finished
uint256 a0 = self.initialA; // initial A value when ramp is started
if (a0 != currentA && block.timestamp < t1) {
uint256 t0 = self.initialATime; // time when ramp is started
assembly {
currentA := div(add(mul(a0, sub(t1, timestamp())), mul(currentA, sub(timestamp(), t0))), sub(t1, t0))
}
}
}
/**
* @notice Start ramping up or down A parameter towards given futureA_ and futureTime_
* Checks if the change is too rapid, and commits the new A value only when it falls under
* the limit range.
* @param self Swap struct to update
* @param futureA_ the new A to ramp towards
* @param futureTime_ timestamp when the new A should be reached
*/
function rampA(
SwapUtils.Swap storage self,
uint256 futureA_,
uint256 futureTime_
) internal {
require(block.timestamp >= self.initialATime + Constants.MIN_RAMP_DELAY, "Wait 1 day before starting ramp");
require(futureTime_ >= block.timestamp + Constants.MIN_RAMP_TIME, "Insufficient ramp time");
require(futureA_ != 0 && futureA_ < Constants.MAX_A, "futureA_ must be > 0 and < MAX_A");
uint256 initialAPrecise = _getAPrecise(self);
uint256 futureAPrecise = futureA_ * Constants.A_PRECISION;
require(initialAPrecise != futureAPrecise, "!valid ramp");
if (futureAPrecise < initialAPrecise) {
require(futureAPrecise * Constants.MAX_A_CHANGE >= initialAPrecise, "futureA_ is too small");
} else {
require(futureAPrecise <= initialAPrecise * Constants.MAX_A_CHANGE, "futureA_ is too large");
}
self.initialA = initialAPrecise;
self.futureA = futureAPrecise;
self.initialATime = block.timestamp;
self.futureATime = futureTime_;
emit RampA(initialAPrecise, futureAPrecise, block.timestamp, futureTime_);
}
/**
* @notice Stops ramping A immediately. Once this function is called, rampA()
* cannot be called for another 24 hours
* @param self Swap struct to update
*/
function stopRampA(SwapUtils.Swap storage self) internal {
require(self.futureATime > block.timestamp, "Ramp is already stopped");
uint256 currentA = _getAPrecise(self);
self.initialA = currentA;
self.futureA = currentA;
self.initialATime = block.timestamp;
self.futureATime = block.timestamp;
emit StopRampA(currentA, block.timestamp);
}
}// SPDX-License-Identifier: UNLICENSED
pragma solidity 0.8.17;
import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import {IERC20Metadata} from "@openzeppelin/contracts/token/ERC20/extensions/IERC20Metadata.sol";
import {TypeCasts} from "../../../shared/libraries/TypeCasts.sol";
import {IStableSwap} from "../interfaces/IStableSwap.sol";
import {LibConnextStorage, AppStorage, TokenConfig} from "./LibConnextStorage.sol";
import {SwapUtils} from "./SwapUtils.sol";
import {Constants} from "./Constants.sol";
import {TokenId} from "./TokenId.sol";
library AssetLogic {
// ============ Libraries ============
using SwapUtils for SwapUtils.Swap;
using SafeERC20 for IERC20Metadata;
// ============ Errors ============
error AssetLogic__handleIncomingAsset_nativeAssetNotSupported();
error AssetLogic__handleIncomingAsset_feeOnTransferNotSupported();
error AssetLogic__handleOutgoingAsset_notNative();
error AssetLogic__getTokenIndexFromStableSwapPool_notExist();
error AssetLogic__getConfig_notRegistered();
error AssetLogic__swapAsset_externalStableSwapPoolDoesNotExist();
// ============ Internal: Handle Transfer ============
function getConfig(bytes32 _key) internal view returns (TokenConfig storage) {
AppStorage storage s = LibConnextStorage.connextStorage();
TokenConfig storage config = s.tokenConfigs[_key];
// Sanity check: not empty
// NOTE: adopted decimals will *always* be nonzero (or reflect what is onchain
// for the asset). The same is not true for the representation assets, which
// will always have 0 decimals on the canonical domain
if (config.adoptedDecimals < 1) {
revert AssetLogic__getConfig_notRegistered();
}
return config;
}
/**
* @notice Handles transferring funds from msg.sender to the Connext contract.
* @dev Does NOT work with fee-on-transfer tokens: will revert.
*
* @param _asset - The address of the ERC20 token to transfer.
* @param _amount - The specified amount to transfer.
*/
function handleIncomingAsset(address _asset, uint256 _amount) internal {
// Sanity check: if amount is 0, do nothing.
if (_amount == 0) {
return;
}
// Sanity check: asset address is not zero.
if (_asset == address(0)) {
revert AssetLogic__handleIncomingAsset_nativeAssetNotSupported();
}
IERC20Metadata asset = IERC20Metadata(_asset);
// Record starting amount to validate correct amount is transferred.
uint256 starting = asset.balanceOf(address(this));
// Transfer asset to contract.
asset.safeTransferFrom(msg.sender, address(this), _amount);
// Ensure correct amount was transferred (i.e. this was not a fee-on-transfer token).
if (asset.balanceOf(address(this)) - starting != _amount) {
revert AssetLogic__handleIncomingAsset_feeOnTransferNotSupported();
}
}
/**
* @notice Handles transferring funds from the Connext contract to a specified address
* @param _asset - The address of the ERC20 token to transfer.
* @param _to - The recipient address that will receive the funds.
* @param _amount - The amount to withdraw from contract.
*/
function handleOutgoingAsset(
address _asset,
address _to,
uint256 _amount
) internal {
// Sanity check: if amount is 0, do nothing.
if (_amount == 0) {
return;
}
// Sanity check: asset address is not zero.
if (_asset == address(0)) revert AssetLogic__handleOutgoingAsset_notNative();
// Transfer ERC20 asset to target recipient.
SafeERC20.safeTransfer(IERC20Metadata(_asset), _to, _amount);
}
// ============ Internal: StableSwap Pools ============
/**
* @notice Return the index of the given token address. Reverts if no matching
* token is found.
* @param key the hash of the canonical id and domain
* @param tokenAddress address of the token
* @return the index of the given token address
*/
function getTokenIndexFromStableSwapPool(bytes32 key, address tokenAddress) internal view returns (uint8) {
AppStorage storage s = LibConnextStorage.connextStorage();
uint8 index = s.tokenIndexes[key][tokenAddress];
if (address(s.swapStorages[key].pooledTokens[index]) != tokenAddress)
revert AssetLogic__getTokenIndexFromStableSwapPool_notExist();
return index;
}
// ============ Internal: Handle Swap ============
/**
* @notice Swaps an adopted asset to the local (representation or canonical) asset.
* @dev Will not swap if the asset passed in is the local asset.
* @param _key - The hash of canonical id and domain.
* @param _asset - The address of the adopted asset to swap into the local asset.
* @param _amount - The amount of the adopted asset to swap.
* @param _slippage - The maximum amount of slippage user will take on from _amount in BPS.
* @return uint256 The amount of local asset received from swap.
*/
function swapToLocalAssetIfNeeded(
bytes32 _key,
address _asset,
address _local,
uint256 _amount,
uint256 _slippage
) internal returns (uint256) {
// If there's no amount, no need to swap.
if (_amount == 0) {
return 0;
}
// Check the case where the adopted asset *is* the local asset. If so, no need to swap.
if (_local == _asset) {
return _amount;
}
// Get the configs.
TokenConfig storage config = getConfig(_key);
// Swap the asset to the proper local asset.
(uint256 out, ) = _swapAsset(
_key,
_asset,
_local,
_amount,
calculateSlippageBoundary(config.adoptedDecimals, config.representationDecimals, _amount, _slippage)
);
return out;
}
/**
* @notice Swaps a local bridge asset for the adopted asset using the stored stable swap
* @dev Will not swap if the asset passed in is the adopted asset
* @param _key the hash of the canonical id and domain
* @param _asset - The address of the local asset to swap into the adopted asset
* @param _amount - The amount of the local asset to swap
* @param _slippage - The minimum amount of slippage user will take on from _amount in BPS
* @param _normalizedIn - The amount sent in on xcall to take the slippage from, in 18 decimals
* by convention
* @return The amount of adopted asset received from swap
* @return The address of asset received post-swap
*/
function swapFromLocalAssetIfNeeded(
bytes32 _key,
address _asset,
uint256 _amount,
uint256 _slippage,
uint256 _normalizedIn
) internal returns (uint256, address) {
// Get the token config.
TokenConfig storage config = getConfig(_key);
address adopted = config.adopted;
// If the adopted asset is the local asset, no need to swap.
if (adopted == _asset) {
return (_amount, adopted);
}
// If there's no amount, no need to swap.
if (_amount == 0) {
return (_amount, adopted);
}
// Swap the asset to the proper local asset
return
_swapAsset(
_key,
_asset,
adopted,
_amount,
// NOTE: To get the slippage boundary here, you must take the slippage % off of the
// normalized amount in (at 18 decimals by convention), then convert that amount
// to the proper decimals of adopted.
calculateSlippageBoundary(
Constants.DEFAULT_NORMALIZED_DECIMALS,
config.adoptedDecimals,
_normalizedIn,
_slippage
)
);
}
/**
* @notice Swaps a local bridge asset for the adopted asset using the stored stable swap
* @dev Will not swap if the asset passed in is the adopted asset
* @param _key the hash of the canonical id and domain
* @param _asset - The address of the local asset to swap into the adopted asset
* @param _amount - The exact amount to receive out of the swap
* @param _maxIn - The most you will supply to the swap
* @return The amount of local asset put into swap
* @return The address of asset received post-swap
*/
function swapFromLocalAssetIfNeededForExactOut(
bytes32 _key,
address _asset,
uint256 _amount,
uint256 _maxIn
) internal returns (uint256, address) {
TokenConfig storage config = getConfig(_key);
// If the adopted asset is the local asset, no need to swap.
address adopted = config.adopted;
if (adopted == _asset) {
return (_amount, adopted);
}
return _swapAssetOut(_key, _asset, adopted, _amount, _maxIn);
}
/**
* @notice Swaps assetIn to assetOut using the stored stable swap or internal swap pool.
* @dev Will not swap if the asset passed in is the adopted asset
* @param _key - The hash of canonical id and domain.
* @param _assetIn - The address of the from asset
* @param _assetOut - The address of the to asset
* @param _amount - The amount of the local asset to swap
* @param _minOut - The minimum amount of `_assetOut` the user will accept
* @return The amount of asset received
* @return The address of asset received
*/
function _swapAsset(
bytes32 _key,
address _assetIn,
address _assetOut,
uint256 _amount,
uint256 _minOut
) internal returns (uint256, address) {
AppStorage storage s = LibConnextStorage.connextStorage();
// Retrieve internal swap pool reference.
SwapUtils.Swap storage ipool = s.swapStorages[_key];
if (ipool.exists()) {
// Swap via the internal pool.
return (
ipool.swapInternal(
getTokenIndexFromStableSwapPool(_key, _assetIn),
getTokenIndexFromStableSwapPool(_key, _assetOut),
_amount,
_minOut
),
_assetOut
);
} else {
// Otherwise, swap via external stableswap pool.
IStableSwap pool = IStableSwap(getConfig(_key).adoptedToLocalExternalPools);
IERC20Metadata assetIn = IERC20Metadata(_assetIn);
assetIn.safeApprove(address(pool), 0);
assetIn.safeIncreaseAllowance(address(pool), _amount);
// NOTE: If pool is not registered here, then this call will revert.
return (
pool.swapExact(_amount, _assetIn, _assetOut, _minOut, block.timestamp + Constants.DEFAULT_DEADLINE_EXTENSION),
_assetOut
);
}
}
/**
* @notice Swaps assetIn to assetOut using the stored stable swap or internal swap pool.
* @param _key - The hash of the canonical id and domain.
* @param _assetIn - The address of the from asset.
* @param _assetOut - The address of the to asset.
* @param _amountOut - The amount of the _assetOut to swap.
* @param _maxIn - The most you will supply to the swap.
* @return amountIn The amount of assetIn. Will be 0 if the swap was unsuccessful (slippage
* too high).
* @return assetOut The address of asset received.
*/
function _swapAssetOut(
bytes32 _key,
address _assetIn,
address _assetOut,
uint256 _amountOut,
uint256 _maxIn
) internal returns (uint256, address) {
AppStorage storage s = LibConnextStorage.connextStorage();
// Retrieve internal swap pool reference. If it doesn't exist, we'll resort to using an
// external stableswap below.
SwapUtils.Swap storage ipool = s.swapStorages[_key];
// Swap the asset to the proper local asset.
// NOTE: IFF slippage was too high to perform swap in either case: success = false, amountIn = 0
if (ipool.exists()) {
// Swap via the internal pool.
return (
ipool.swapInternalOut(
getTokenIndexFromStableSwapPool(_key, _assetIn),
getTokenIndexFromStableSwapPool(_key, _assetOut),
_amountOut,
_maxIn
),
_assetOut
);
} else {
// Otherwise, swap via external stableswap pool.
// NOTE: This call will revert if the external stableswap pool doesn't exist.
IStableSwap pool = IStableSwap(getConfig(_key).adoptedToLocalExternalPools);
address poolAddress = address(pool);
// Perform the swap.
// Edge case with some tokens: Example USDT in ETH Mainnet, after the backUnbacked call
// there could be a remaining allowance if not the whole amount is pulled by aave.
// Later, if we try to increase the allowance it will fail. USDT demands if allowance
// is not 0, it has to be set to 0 first.
// Example: https://github.com/aave/aave-v3-periphery/blob/ca184e5278bcbc10d28c3dbbc604041d7cfac50b/contracts/adapters/paraswap/ParaSwapRepayAdapter.sol#L138-L140
IERC20Metadata assetIn = IERC20Metadata(_assetIn);
assetIn.safeApprove(poolAddress, 0);
assetIn.safeIncreaseAllowance(poolAddress, _maxIn);
uint256 out = pool.swapExactOut(
_amountOut,
_assetIn,
_assetOut,
_maxIn,
block.timestamp + Constants.DEFAULT_DEADLINE_EXTENSION
);
// Reset allowance
assetIn.safeApprove(poolAddress, 0);
return (out, _assetOut);
}
}
/**
* @notice Calculate amount of tokens you receive on a local bridge asset for the adopted asset
* using the stored stable swap
* @dev Will not use the stored stable swap if the asset passed in is the local asset
* @param _key - The hash of the canonical id and domain
* @param _asset - The address of the local asset to swap into the local asset
* @param _amount - The amount of the local asset to swap
* @return The amount of local asset received from swap
* @return The address of asset received post-swap
*/
function calculateSwapFromLocalAssetIfNeeded(
bytes32 _key,
address _asset,
uint256 _amount
) internal view returns (uint256, address) {
AppStorage storage s = LibConnextStorage.connextStorage();
// If the adopted asset is the local asset, no need to swap.
TokenConfig storage config = getConfig(_key);
address adopted = config.adopted;
if (adopted == _asset) {
return (_amount, adopted);
}
SwapUtils.Swap storage ipool = s.swapStorages[_key];
// Calculate the swap using the appropriate pool.
if (ipool.exists()) {
// Calculate with internal swap pool.
uint8 tokenIndexIn = getTokenIndexFromStableSwapPool(_key, _asset);
uint8 tokenIndexOut = getTokenIndexFromStableSwapPool(_key, adopted);
return (ipool.calculateSwap(tokenIndexIn, tokenIndexOut, _amount), adopted);
} else {
// Otherwise, try to calculate with external pool.
IStableSwap pool = IStableSwap(config.adoptedToLocalExternalPools);
// NOTE: This call will revert if no external pool exists.
return (pool.calculateSwapFromAddress(_asset, adopted, _amount), adopted);
}
}
/**
* @notice Calculate amount of tokens you receive of a local bridge asset for the adopted asset
* using the stored stable swap
* @dev Will not use the stored stable swap if the asset passed in is the local asset
* @param _asset - The address of the asset to swap into the local asset
* @param _amount - The amount of the asset to swap
* @return The amount of local asset received from swap
* @return The address of asset received post-swap
*/
function calculateSwapToLocalAssetIfNeeded(
bytes32 _key,
address _asset,
address _local,
uint256 _amount
) internal view returns (uint256, address) {
AppStorage storage s = LibConnextStorage.connextStorage();
// If the asset is the local asset, no swap needed
if (_asset == _local) {
return (_amount, _local);
}
SwapUtils.Swap storage ipool = s.swapStorages[_key];
// Calculate the swap using the appropriate pool.
if (ipool.exists()) {
// if internal swap pool exists
uint8 tokenIndexIn = getTokenIndexFromStableSwapPool(_key, _asset);
uint8 tokenIndexOut = getTokenIndexFromStableSwapPool(_key, _local);
return (ipool.calculateSwap(tokenIndexIn, tokenIndexOut, _amount), _local);
} else {
IStableSwap pool = IStableSwap(getConfig(_key).adoptedToLocalExternalPools);
return (pool.calculateSwapFromAddress(_asset, _local, _amount), _local);
}
}
// ============ Internal: Token ID Helpers ============
/**
* @notice Gets the canonical information for a given candidate.
* @dev First checks the `address(0)` convention, then checks if the asset given is the
* adopted asset, then calculates the local address.
* @return TokenId The canonical token ID information for the given candidate.
*/
function getCanonicalTokenId(address _candidate, AppStorage storage s) internal view returns (TokenId memory) {
TokenId memory _canonical;
// If candidate is address(0), return an empty `_canonical`.
if (_candidate == address(0)) {
return _canonical;
}
// Check to see if candidate is an adopted asset.
_canonical = s.adoptedToCanonical[_candidate];
if (_canonical.domain != 0) {
// Candidate is an adopted asset, return canonical info.
return _canonical;
}
// Candidate was not adopted; it could be the local address.
// IFF this domain is the canonical domain, then the local == canonical.
// Otherwise, it will be the representation asset.
if (isLocalOrigin(_candidate, s)) {
// The token originates on this domain, canonical information is the information
// of the candidate
_canonical.domain = s.domain;
_canonical.id = TypeCasts.addressToBytes32(_candidate);
} else {
// on a remote domain, return the representation
_canonical = s.representationToCanonical[_candidate];
}
return _canonical;
}
/**
* @notice Determine if token is of local origin (i.e. it is a locally originating contract,
* and NOT a token deployed by the bridge).
* @param s AppStorage instance.
* @return bool true if token is locally originating, false otherwise.
*/
function isLocalOrigin(address _token, AppStorage storage s) internal view returns (bool) {
// If the token contract WAS deployed by the bridge, it will be stored in this mapping.
// If so, the token is NOT of local origin.
if (s.representationToCanonical[_token].domain != 0) {
return false;
}
// If the contract was NOT deployed by the bridge, but the contract does exist, then it
// IS of local origin. Returns true if code exists at `_addr`.
return _token.code.length != 0;
}
/**
* @notice Get the local asset address for a given canonical key, id, and domain.
* @param _key - The hash of canonical id and domain.
* @param _id Canonical ID.
* @param _domain Canonical domain.
* @param s AppStorage instance.
* @return address of the the local asset.
*/
function getLocalAsset(
bytes32 _key,
bytes32 _id,
uint32 _domain,
AppStorage storage s
) internal view returns (address) {
if (_domain == s.domain) {
// Token is of local origin
return TypeCasts.bytes32ToAddress(_id);
} else {
// Token is a representation of a token of remote origin
return getConfig(_key).representation;
}
}
/**
* @notice Calculates the hash of canonical ID and domain.
* @dev This hash is used as the key for many asset-related mappings.
* @param _id Canonical ID.
* @param _domain Canonical domain.
* @return bytes32 Canonical hash, used as key for accessing token info from mappings.
*/
function calculateCanonicalHash(bytes32 _id, uint32 _domain) internal pure returns (bytes32) {
return keccak256(abi.encode(_id, _domain));
}
// ============ Internal: Math ============
/**
* @notice This function calculates slippage as a %age of the amount in, and normalizes
* That to the `_out` decimals.
*
* @dev This *ONLY* works for 1:1 assets
*
* @param _in The decimals of the asset in / amount in
* @param _out The decimals of the target asset
* @param _amountIn The starting amount for the swap
* @param _slippage The slippage allowed for the swap, in BPS
* @return uint256 The minimum amount out for the swap
*/
function calculateSlippageBoundary(
uint8 _in,
uint8 _out,
uint256 _amountIn,
uint256 _slippage
) internal pure returns (uint256) {
if (_amountIn == 0) {
return 0;
}
// Get the min recieved (in same decimals as _amountIn)
uint256 min = (_amountIn * (Constants.BPS_FEE_DENOMINATOR - _slippage)) / Constants.BPS_FEE_DENOMINATOR;
return normalizeDecimals(_in, _out, min);
}
/**
* @notice This function translates the _amount in _in decimals
* to _out decimals
*
* @param _in The decimals of the asset in / amount in
* @param _out The decimals of the target asset
* @param _amount The value to normalize to the `_out` decimals
* @return uint256 Normalized decimals.
*/
function normalizeDecimals(
uint8 _in,
uint8 _out,
uint256 _amount
) internal pure returns (uint256) {
if (_in == _out) {
return _amount;
}
// Convert this value to the same decimals as _out
uint256 normalized;
if (_in < _out) {
normalized = _amount * (10**(_out - _in));
} else {
normalized = _amount / (10**(_in - _out));
}
return normalized;
}
}// SPDX-License-Identifier: MIT OR Apache-2.0
pragma solidity 0.8.17;
library Constants {
// ============= Initial Values =============
/**
* @notice Sets the initial lp fee at 5 bps
*/
uint256 public constant INITIAL_LIQUIDITY_FEE_NUMERATOR = 9_995;
/**
* @notice Sets the initial max routers per transfer
*/
uint256 public constant INITIAL_MAX_ROUTERS = 5;
/**
* @notice Sets the initial max routers per transfer
*/
uint16 public constant INITIAL_AAVE_REFERRAL_CODE = 0;
// =============
// ============= Unchangeable Values =============
// ============= Facets
/**
* @notice Reentrancy modifier for diamond
*/
uint256 internal constant NOT_ENTERED = 1;
/**
* @notice Reentrancy modifier for diamond
*/
uint256 internal constant ENTERED = 2;
/**
* @notice Contains hash of empty bytes
*/
bytes32 internal constant EMPTY_HASH = keccak256("");
/**
* @notice Denominator for BPS values
*/
uint256 public constant BPS_FEE_DENOMINATOR = 10_000;
/**
* @notice Value for delay used on governance
*/
uint256 public constant GOVERNANCE_DELAY = 7 days;
/**
* @notice Required gas amount to be leftover after passing in `gasleft` when
* executing calldata (see `_executeCalldata` method).
*/
uint256 public constant EXECUTE_CALLDATA_RESERVE_GAS = 10_000;
/**
* @notice Portal referral code
*/
uint16 public constant AAVE_REFERRAL_CODE = 0;
// ============= ConnextPriceOracle
/**
* @notice Valid period for a price delivered by the price oracle
*/
uint256 public constant ORACLE_VALID_PERIOD = 1 minutes;
/**
* @notice Valid wiggle room for future timestamps (3s) used by `setDirectPrice`
*/
uint256 public constant FUTURE_TIME_BUFFER = 3;
/**
* @notice Defalt decimals values are normalized to
*/
uint8 public constant DEFAULT_NORMALIZED_DECIMALS = uint8(18);
/**
* @notice Bytes of return data copied back when using `excessivelySafeCall`
*/
uint16 public constant DEFAULT_COPY_BYTES = 256;
/**
* @notice Valid deadline extension used when swapping (1hr)
*/
uint256 public constant DEFAULT_DEADLINE_EXTENSION = 3600;
// ============= Swaps
/**
* @notice the precision all pools tokens will be converted to
* @dev stored here to keep easily in sync between `SwapUtils` and `SwapUtilsExternal`
*
* The minimum in a pool is 2 (nextUSDC, USDC), and the maximum allowed is 16. While
* we do not have pools supporting this number of token, allowing a larger value leaves
* the possibility open to pool multiple stable local/adopted pairs, garnering greater
* capital efficiency. 16 specifically was chosen as a bit of a sweet spot between the
* default of 32 and what we will realistically host in pools.
*/
uint256 public constant MINIMUM_POOLED_TOKENS = 2;
uint256 public constant MAXIMUM_POOLED_TOKENS = 16;
/**
* @notice the precision all pools tokens will be converted to
* @dev stored here to keep easily in sync between `SwapUtils` and `SwapUtilsExternal`
*/
uint8 public constant POOL_PRECISION_DECIMALS = 18;
/**
* @notice the denominator used to calculate admin and LP fees. For example, an
* LP fee might be something like tradeAmount.mul(fee).div(FEE_DENOMINATOR)
* @dev stored here to keep easily in sync between `SwapUtils` and `SwapUtilsExternal`
*/
uint256 public constant FEE_DENOMINATOR = 1e10;
/**
* @notice Max swap fee is 1% or 100bps of each swap
* @dev stored here to keep easily in sync between `SwapUtils` and `SwapUtilsExternal`
*/
uint256 public constant MAX_SWAP_FEE = 1e8;
/**
* @notice Max adminFee is 100% of the swapFee. adminFee does not add additional fee on top of swapFee.
* Instead it takes a certain % of the swapFee. Therefore it has no impact on the
* users but only on the earnings of LPs
* @dev stored here to keep easily in sync between `SwapUtils` and `SwapUtilsExternal`
*/
uint256 public constant MAX_ADMIN_FEE = 1e10;
/**
* @notice constant value used as max loop limit
* @dev stored here to keep easily in sync between `SwapUtils` and `SwapUtilsExternal`
*/
uint256 public constant MAX_LOOP_LIMIT = 256;
// Constant value used as max delay time for removing swap after disabled
uint256 internal constant REMOVE_DELAY = 7 days;
/**
* @notice constant values used in ramping A calculations
* @dev stored here to keep easily in sync between `SwapUtils` and `SwapUtilsExternal`
*/
uint256 public constant A_PRECISION = 100;
uint256 public constant MAX_A = 10**6;
uint256 public constant MAX_A_CHANGE = 2;
uint256 public constant MIN_RAMP_TIME = 14 days;
uint256 public constant MIN_RAMP_DELAY = 1 days;
}// SPDX-License-Identifier: UNLICENSED
pragma solidity 0.8.17;
import {IStableSwap} from "../interfaces/IStableSwap.sol";
import {IConnectorManager} from "../../../messaging/interfaces/IConnectorManager.sol";
import {SwapUtils} from "./SwapUtils.sol";
import {TokenId} from "./TokenId.sol";
/**
* @notice THIS FILE DEFINES OUR STORAGE LAYOUT AND ID GENERATION SCHEMA. IT CAN ONLY BE MODIFIED FREELY FOR FRESH
* DEPLOYS. If you are modifiying this file for an upgrade, you must **CAREFULLY** ensure
* the contract storage layout is not impacted.
*
* BE VERY CAREFUL MODIFYING THE VALUES IN THIS FILE!
*/
// ============= Enum =============
/// @notice Enum representing address role
// Returns uint
// None - 0
// Router - 1
// Watcher - 2
// Admin - 3
enum Role {
None,
RouterAdmin,
Watcher,
Admin
}
/**
* @notice Enum representing status of destination transfer
* @dev Status is only assigned on the destination domain, will always be "none" for the
* origin domains
* @return uint - Index of value in enum
*/
enum DestinationTransferStatus {
None, // 0
Reconciled, // 1
Executed, // 2
Completed // 3 - executed + reconciled
}
/**
* @notice These are the parameters that will remain constant between the
* two chains. They are supplied on `xcall` and should be asserted on `execute`
* @property to - The account that receives funds, in the event of a crosschain call,
* will receive funds if the call fails.
*
* @param originDomain - The originating domain (i.e. where `xcall` is called)
* @param destinationDomain - The final domain (i.e. where `execute` / `reconcile` are called)\
* @param canonicalDomain - The canonical domain of the asset you are bridging
* @param to - The address you are sending funds (and potentially data) to
* @param delegate - An address who can execute txs on behalf of `to`, in addition to allowing relayers
* @param receiveLocal - If true, will use the local asset on the destination instead of adopted.
* @param callData - The data to execute on the receiving chain. If no crosschain call is needed, then leave empty.
* @param slippage - Slippage user is willing to accept from original amount in expressed in BPS (i.e. if
* a user takes 1% slippage, this is expressed as 1_000)
* @param originSender - The msg.sender of the xcall
* @param bridgedAmt - The amount sent over the bridge (after potential AMM on xcall)
* @param normalizedIn - The amount sent to `xcall`, normalized to 18 decimals
* @param nonce - The nonce on the origin domain used to ensure the transferIds are unique
* @param canonicalId - The unique identifier of the canonical token corresponding to bridge assets
*/
struct TransferInfo {
uint32 originDomain;
uint32 destinationDomain;
uint32 canonicalDomain;
address to;
address delegate;
bool receiveLocal;
bytes callData;
uint256 slippage;
address originSender;
uint256 bridgedAmt;
uint256 normalizedIn;
uint256 nonce;
bytes32 canonicalId;
}
/**
* @notice
* @param params - The TransferInfo. These are consistent across sending and receiving chains.
* @param routers - The routers who you are sending the funds on behalf of.
* @param routerSignatures - Signatures belonging to the routers indicating permission to use funds
* for the signed transfer ID.
* @param sequencer - The sequencer who assigned the router path to this transfer.
* @param sequencerSignature - Signature produced by the sequencer for path assignment accountability
* for the path that was signed.
*/
struct ExecuteArgs {
TransferInfo params;
address[] routers;
bytes[] routerSignatures;
address sequencer;
bytes sequencerSignature;
}
/**
* @notice Contains configs for each router
* @param approved Whether the router is allowlisted, settable by admin
* @param portalApproved Whether the router is allowlisted for portals, settable by admin
* @param routerOwners The address that can update the `recipient`
* @param proposedRouterOwners Owner candidates
* @param proposedRouterTimestamp When owner candidate was proposed (there is a delay to acceptance)
*/
struct RouterConfig {
bool approved;
bool portalApproved;
address owner;
address recipient;
address proposed;
uint256 proposedTimestamp;
}
/**
* @notice Contains configurations for tokens
* @dev Struct will be stored on the hash of the `canonicalId` and `canonicalDomain`. There are also
* two separate reverse lookups, that deliver plaintext information based on the passed in address (can
* either be representation or adopted address passed in).
*
* If the decimals are updated in a future token upgrade, the transfers should fail. If that happens, the
* asset and swaps must be removed, and then they can be readded
*
* @param representation Address of minted asset on this domain. If the token is of local origin (meaning it was
* originally deployed on this chain), this MUST map to address(0).
* @param representationDecimals Decimals of minted asset on this domain
* @param adopted Address of adopted asset on this domain
* @param adoptedDecimals Decimals of adopted asset on this domain
* @param adoptedToLocalExternalPools Holds the AMMs for swapping in and out of local assets
* @param approval Allowed assets
* @param cap Liquidity caps of whitelisted assets. If 0, no cap is enforced.
* @param custodied Custodied balance by address
*/
struct TokenConfig {
address representation;
uint8 representationDecimals;
address adopted;
uint8 adoptedDecimals;
address adoptedToLocalExternalPools;
bool approval;
uint256 cap;
uint256 custodied;
}
struct AppStorage {
//
// 0
bool initialized;
//
// Connext
//
// 1
uint256 LIQUIDITY_FEE_NUMERATOR;
/**
* @notice The local address that is custodying relayer fees
*/
// 2
address relayerFeeVault;
/**
* @notice Nonce for the contract, used to keep unique transfer ids.
* @dev Assigned at first interaction (xcall on origin domain).
*/
// 3
uint256 nonce;
/**
* @notice The domain this contract exists on.
* @dev Must match the domain identifier, which is distinct from the "chainId".
*/
// 4
uint32 domain;
/**
* @notice Mapping of adopted to canonical asset information.
*/
// 5
mapping(address => TokenId) adoptedToCanonical;
/**
* @notice Mapping of representation to canonical asset information.
*/
// 6
mapping(address => TokenId) representationToCanonical;
/**
* @notice Mapping of hash(canonicalId, canonicalDomain) to token config on this domain.
*/
// 7
mapping(bytes32 => TokenConfig) tokenConfigs;
/**
* @notice Mapping to track transfer status on destination domain
*/
// 8
mapping(bytes32 => DestinationTransferStatus) transferStatus;
/**
* @notice Mapping holding router address that provided fast liquidity.
*/
// 9
mapping(bytes32 => address[]) routedTransfers;
/**
* @notice Mapping of router to available balance of an asset.
* @dev Routers should always store liquidity that they can expect to receive via the bridge on
* this domain (the local asset).
*/
// 10
mapping(address => mapping(address => uint256)) routerBalances;
/**
* @notice Mapping of approved relayers
* @dev Send relayer fee if msg.sender is approvedRelayer; otherwise revert.
*/
// 11
mapping(address => bool) approvedRelayers;
/**
* @notice The max amount of routers a payment can be routed through.
*/
// 12
uint256 maxRoutersPerTransfer;
/**
* @notice Stores a mapping of transfer id to slippage overrides.
*/
// 13
mapping(bytes32 => uint256) slippage;
/**
* @notice Stores a mapping of transfer id to receive local overrides.
*/
// 14
mapping(bytes32 => bool) receiveLocalOverride;
/**
* @notice Stores a mapping of remote routers keyed on domains.
* @dev Addresses are cast to bytes32.
* This mapping is required because the Connext now contains the BridgeRouter and must implement
* the remotes interface.
*/
// 15
mapping(uint32 => bytes32) remotes;
//
// ProposedOwnable
//
// 17
address _proposed;
// 18
uint256 _proposedOwnershipTimestamp;
// 19
bool _routerAllowlistRemoved;
// 20
uint256 _routerAllowlistTimestamp;
/**
* @notice Stores a mapping of address to Roles
* @dev returns uint representing the enum Role value
*/
// 21
mapping(address => Role) roles;
//
// RouterFacet
//
// 22
mapping(address => RouterConfig) routerConfigs;
//
// ReentrancyGuard
//
// 23
uint256 _status;
// 24
uint256 _xcallStatus;
//
// StableSwap
//
/**
* @notice Mapping holding the AMM storages for swapping in and out of local assets
* @dev Swaps for an adopted asset <> local asset (i.e. POS USDC <> nextUSDC on polygon)
* Struct storing data responsible for automatic market maker functionalities. In order to
* access this data, this contract uses SwapUtils library. For more details, see SwapUtils.sol.
*/
// 25
mapping(bytes32 => SwapUtils.Swap) swapStorages;
/**
* @notice Maps token address to an index in the pool. Used to prevent duplicate tokens in the pool.
* @dev getTokenIndex function also relies on this mapping to retrieve token index.
*/
// 26
mapping(bytes32 => mapping(address => uint8)) tokenIndexes;
/**
* The address of an existing LPToken contract to use as a target
* this target must be the address which connext deployed on this chain.
*/
// 27
address lpTokenTargetAddress;
/**
* @notice Stores whether or not bribing, AMMs, have been paused.
*/
// 28
bool _paused;
//
// AavePortals
//
/**
* @notice Address of Aave Pool contract.
*/
// 29
address aavePool;
/**
* @notice Fee percentage numerator for using Portal liquidity.
* @dev Assumes the same basis points as the liquidity fee.
*/
// 30
uint256 aavePortalFeeNumerator;
/**
* @notice Mapping to store the transfer liquidity amount provided by Aave Portals.
*/
// 31
mapping(bytes32 => uint256) portalDebt;
/**
* @notice Mapping to store the transfer liquidity amount provided by Aave Portals.
*/
// 32
mapping(bytes32 => uint256) portalFeeDebt;
/**
* @notice Mapping of approved sequencers
* @dev Sequencer address provided must belong to an approved sequencer in order to call `execute`
* for the fast liquidity route.
*/
// 33
mapping(address => bool) approvedSequencers;
/**
* @notice Remote connection manager for xapp.
*/
// 34
IConnectorManager xAppConnectionManager;
}
library LibConnextStorage {
function connextStorage() internal pure returns (AppStorage storage ds) {
assembly {
ds.slot := 0
}
}
}// SPDX-License-Identifier: MIT pragma solidity 0.8.17; /******************************************************************************\ * Author: Nick Mudge <[email protected]> (https://twitter.com/mudgen) * EIP-2535 Diamonds: https://eips.ethereum.org/EIPS/eip-2535 /******************************************************************************/ import {IDiamondCut} from "../interfaces/IDiamondCut.sol"; // Remember to add the loupe functions from DiamondLoupeFacet to the diamond. // The loupe functions are required by the EIP2535 Diamonds standard library LibDiamond { bytes32 constant DIAMOND_STORAGE_POSITION = keccak256("diamond.standard.diamond.storage"); struct FacetAddressAndPosition { address facetAddress; uint96 functionSelectorPosition; // position in facetFunctionSelectors.functionSelectors array } struct FacetFunctionSelectors { bytes4[] functionSelectors; uint256 facetAddressPosition; // position of facetAddress in facetAddresses array } struct DiamondStorage { // maps function selector to the facet address and // the position of the selector in the facetFunctionSelectors.selectors array mapping(bytes4 => FacetAddressAndPosition) selectorToFacetAndPosition; // maps facet addresses to function selectors mapping(address => FacetFunctionSelectors) facetFunctionSelectors; // facet addresses address[] facetAddresses; // Used to query if a contract implements an interface. // Used to implement ERC-165. mapping(bytes4 => bool) supportedInterfaces; // owner of the contract address contractOwner; // hash of proposed facets => acceptance time mapping(bytes32 => uint256) acceptanceTimes; // acceptance delay for upgrading facets uint256 acceptanceDelay; } function diamondStorage() internal pure returns (DiamondStorage storage ds) { bytes32 position = DIAMOND_STORAGE_POSITION; assembly { ds.slot := position } } event OwnershipTransferred(address indexed previousOwner, address indexed newOwner); function setContractOwner(address _newOwner) internal { DiamondStorage storage ds = diamondStorage(); emit OwnershipTransferred(ds.contractOwner, _newOwner); ds.contractOwner = _newOwner; } function contractOwner() internal view returns (address contractOwner_) { contractOwner_ = diamondStorage().contractOwner; } function acceptanceDelay() internal view returns (uint256) { return diamondStorage().acceptanceDelay; } function acceptanceTime(bytes32 _key) internal view returns (uint256) { return diamondStorage().acceptanceTimes[_key]; } function enforceIsContractOwner() internal view { require(msg.sender == diamondStorage().contractOwner, "LibDiamond: !contract owner"); } event DiamondCutProposed(IDiamondCut.FacetCut[] _diamondCut, address _init, bytes _calldata, uint256 deadline); function proposeDiamondCut( IDiamondCut.FacetCut[] memory _diamondCut, address _init, bytes memory _calldata ) internal { // NOTE: to save gas, verification that `proposeDiamondCut` and `diamondCut` are not // included is performed in `diamondCut`, where there is already a loop over facets. // In the case where these cuts are performed, admins must call `rescindDiamondCut` DiamondStorage storage ds = diamondStorage(); uint256 acceptance = block.timestamp + ds.acceptanceDelay; ds.acceptanceTimes[keccak256(abi.encode(_diamondCut, _init, _calldata))] = acceptance; emit DiamondCutProposed(_diamondCut, _init, _calldata, acceptance); } event DiamondCutRescinded(IDiamondCut.FacetCut[] _diamondCut, address _init, bytes _calldata); function rescindDiamondCut( IDiamondCut.FacetCut[] memory _diamondCut, address _init, bytes memory _calldata ) internal { // NOTE: you can always rescind a proposed facet cut as the owner, even if outside of the validity // period or befor the delay elpases delete diamondStorage().acceptanceTimes[keccak256(abi.encode(_diamondCut, _init, _calldata))]; emit DiamondCutRescinded(_diamondCut, _init, _calldata); } event DiamondCut(IDiamondCut.FacetCut[] _diamondCut, address _init, bytes _calldata); // Internal function version of diamondCut function diamondCut( IDiamondCut.FacetCut[] memory _diamondCut, address _init, bytes memory _calldata ) internal { DiamondStorage storage ds = diamondStorage(); bytes32 key = keccak256(abi.encode(_diamondCut, _init, _calldata)); if (ds.facetAddresses.length != 0) { uint256 time = ds.acceptanceTimes[key]; require(time != 0 && time <= block.timestamp, "LibDiamond: delay not elapsed"); // Reset the acceptance time to ensure the same set of updates cannot be replayed // without going through a proposal window // NOTE: the only time this will not be set to 0 is when there are no // existing facet addresses (on initialization, or when starting after a bad upgrade, // for example). // The only relevant case is the initial case, which has no acceptance time. otherwise, // there is no way to update the facet selector mapping to call `diamondCut`. // Avoiding setting the empty value will save gas on the initial deployment. delete ds.acceptanceTimes[key]; } // Otherwise, this is the first instance of deployment and it can be set automatically uint256 len = _diamondCut.length; for (uint256 facetIndex; facetIndex < len; ) { IDiamondCut.FacetCutAction action = _diamondCut[facetIndex].action; if (action == IDiamondCut.FacetCutAction.Add) { addFunctions(_diamondCut[facetIndex].facetAddress, _diamondCut[facetIndex].functionSelectors); } else if (action == IDiamondCut.FacetCutAction.Replace) { replaceFunctions(_diamondCut[facetIndex].facetAddress, _diamondCut[facetIndex].functionSelectors); } else if (action == IDiamondCut.FacetCutAction.Remove) { removeFunctions(_diamondCut[facetIndex].facetAddress, _diamondCut[facetIndex].functionSelectors); } else { revert("LibDiamondCut: Incorrect FacetCutAction"); } unchecked { ++facetIndex; } } emit DiamondCut(_diamondCut, _init, _calldata); initializeDiamondCut(_init, _calldata); } function addFunctions(address _facetAddress, bytes4[] memory _functionSelectors) internal { require(_functionSelectors.length != 0, "LibDiamondCut: No selectors in facet to cut"); DiamondStorage storage ds = diamondStorage(); require(_facetAddress != address(0), "LibDiamondCut: Add facet can't be address(0)"); uint96 selectorPosition = uint96(ds.facetFunctionSelectors[_facetAddress].functionSelectors.length); // add new facet address if it does not exist if (selectorPosition == 0) { addFacet(ds, _facetAddress); } uint256 len = _functionSelectors.length; for (uint256 selectorIndex; selectorIndex < len; ) { bytes4 selector = _functionSelectors[selectorIndex]; address oldFacetAddress = ds.selectorToFacetAndPosition[selector].facetAddress; require(oldFacetAddress == address(0), "LibDiamondCut: Can't add function that already exists"); addFunction(ds, selector, selectorPosition, _facetAddress); selectorPosition++; unchecked { ++selectorIndex; } } } function replaceFunctions(address _facetAddress, bytes4[] memory _functionSelectors) internal { uint256 len = _functionSelectors.length; require(len != 0, "LibDiamondCut: No selectors in facet to cut"); DiamondStorage storage ds = diamondStorage(); require(_facetAddress != address(0), "LibDiamondCut: Add facet can't be address(0)"); uint96 selectorPosition = uint96(ds.facetFunctionSelectors[_facetAddress].functionSelectors.length); // add new facet address if it does not exist if (selectorPosition == 0) { addFacet(ds, _facetAddress); } for (uint256 selectorIndex; selectorIndex < len; ) { bytes4 selector = _functionSelectors[selectorIndex]; address oldFacetAddress = ds.selectorToFacetAndPosition[selector].facetAddress; require(oldFacetAddress != _facetAddress, "LibDiamondCut: Can't replace function with same function"); removeFunction(ds, oldFacetAddress, selector); addFunction(ds, selector, selectorPosition, _facetAddress); selectorPosition++; unchecked { ++selectorIndex; } } } function removeFunctions(address _facetAddress, bytes4[] memory _functionSelectors) internal { require(_functionSelectors.length != 0, "LibDiamondCut: No selectors in facet to cut"); DiamondStorage storage ds = diamondStorage(); // get the propose and cut selectors -- can never remove these bytes4 proposeSelector = IDiamondCut.proposeDiamondCut.selector; bytes4 cutSelector = IDiamondCut.diamondCut.selector; // if function does not exist then do nothing and return require(_facetAddress == address(0), "LibDiamondCut: Remove facet address must be address(0)"); uint256 len = _functionSelectors.length; for (uint256 selectorIndex; selectorIndex < len; ) { bytes4 selector = _functionSelectors[selectorIndex]; require(selector != proposeSelector && selector != cutSelector, "LibDiamondCut: Cannot remove cut selectors"); address oldFacetAddress = ds.selectorToFacetAndPosition[selector].facetAddress; removeFunction(ds, oldFacetAddress, selector); unchecked { ++selectorIndex; } } } function addFacet(DiamondStorage storage ds, address _facetAddress) internal { enforceHasContractCode(_facetAddress, "LibDiamondCut: New facet has no code"); ds.facetFunctionSelectors[_facetAddress].facetAddressPosition = ds.facetAddresses.length; ds.facetAddresses.push(_facetAddress); } function addFunction( DiamondStorage storage ds, bytes4 _selector, uint96 _selectorPosition, address _facetAddress ) internal { ds.selectorToFacetAndPosition[_selector].functionSelectorPosition = _selectorPosition; ds.facetFunctionSelectors[_facetAddress].functionSelectors.push(_selector); ds.selectorToFacetAndPosition[_selector].facetAddress = _facetAddress; } function removeFunction( DiamondStorage storage ds, address _facetAddress, bytes4 _selector ) internal { require(_facetAddress != address(0), "LibDiamondCut: Can't remove function that doesn't exist"); // an immutable function is a function defined directly in a diamond require(_facetAddress != address(this), "LibDiamondCut: Can't remove immutable function"); // replace selector with last selector, then delete last selector uint256 selectorPosition = ds.selectorToFacetAndPosition[_selector].functionSelectorPosition; uint256 lastSelectorPosition = ds.facetFunctionSelectors[_facetAddress].functionSelectors.length - 1; // if not the same then replace _selector with lastSelector if (selectorPosition != lastSelectorPosition) { bytes4 lastSelector = ds.facetFunctionSelectors[_facetAddress].functionSelectors[lastSelectorPosition]; ds.facetFunctionSelectors[_facetAddress].functionSelectors[selectorPosition] = lastSelector; ds.selectorToFacetAndPosition[lastSelector].functionSelectorPosition = uint96(selectorPosition); } // delete the last selector ds.facetFunctionSelectors[_facetAddress].functionSelectors.pop(); delete ds.selectorToFacetAndPosition[_selector]; // if no more selectors for facet address then delete the facet address if (lastSelectorPosition == 0) { // replace facet address with last facet address and delete last facet address uint256 lastFacetAddressPosition = ds.facetAddresses.length - 1; uint256 facetAddressPosition = ds.facetFunctionSelectors[_facetAddress].facetAddressPosition; if (facetAddressPosition != lastFacetAddressPosition) { address lastFacetAddress = ds.facetAddresses[lastFacetAddressPosition]; ds.facetAddresses[facetAddressPosition] = lastFacetAddress; ds.facetFunctionSelectors[lastFacetAddress].facetAddressPosition = facetAddressPosition; } ds.facetAddresses.pop(); delete ds.facetFunctionSelectors[_facetAddress].facetAddressPosition; } } function initializeDiamondCut(address _init, bytes memory _calldata) internal { if (_init == address(0)) { require(_calldata.length == 0, "LibDiamondCut: _init is address(0) but_calldata is not empty"); } else { require(_calldata.length != 0, "LibDiamondCut: _calldata is empty but _init is not address(0)"); if (_init != address(this)) { enforceHasContractCode(_init, "LibDiamondCut: _init address has no code"); } (bool success, bytes memory error) = _init.delegatecall(_calldata); if (!success) { if (error.length != 0) { // bubble up the error revert(string(error)); } else { revert("LibDiamondCut: _init function reverted"); } } } } function enforceHasContractCode(address _contract, string memory _errorMessage) internal view { require(_contract.code.length != 0, _errorMessage); } }
// SPDX-License-Identifier: UNLICENSED
pragma solidity 0.8.17;
/**
* @title MathUtils library
* @notice A library to be used in conjunction with SafeMath. Contains functions for calculating
* differences between two uint256.
*/
library MathUtils {
/**
* @notice Compares a and b and returns true if the difference between a and b
* is less than 1 or equal to each other.
* @param a uint256 to compare with
* @param b uint256 to compare with
* @return True if the difference between a and b is less than 1 or equal,
* otherwise return false
*/
function within1(uint256 a, uint256 b) internal pure returns (bool) {
return (difference(a, b) < 1 + 1); // instead of <=1
}
/**
* @notice Calculates absolute difference between a and b
* @param a uint256 to compare with
* @param b uint256 to compare with
* @return Difference between a and b
*/
function difference(uint256 a, uint256 b) internal pure returns (uint256) {
if (a > b) {
return a - b;
}
return b - a;
}
}// SPDX-License-Identifier: UNLICENSED
pragma solidity 0.8.17;
import {SafeERC20, IERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import {LPToken} from "../helpers/LPToken.sol";
import {AmplificationUtils} from "./AmplificationUtils.sol";
import {MathUtils} from "./MathUtils.sol";
import {AssetLogic} from "./AssetLogic.sol";
import {Constants} from "./Constants.sol";
/**
* @title SwapUtils library
* @notice A library to be used within Swap.sol. Contains functions responsible for custody and AMM functionalities.
* @dev Contracts relying on this library must initialize SwapUtils.Swap struct then use this library
* for SwapUtils.Swap struct. Note that this library contains both functions called by users and admins.
* Admin functions should be protected within contracts using this library.
*/
library SwapUtils {
using SafeERC20 for IERC20;
using MathUtils for uint256;
/*** EVENTS ***/
event TokenSwap(
bytes32 indexed key,
address indexed buyer,
uint256 tokensSold,
uint256 tokensBought,
uint128 soldId,
uint128 boughtId
);
event AddLiquidity(
bytes32 indexed key,
address indexed provider,
uint256[] tokenAmounts,
uint256[] fees,
uint256 invariant,
uint256 lpTokenSupply
);
event RemoveLiquidity(bytes32 indexed key, address indexed provider, uint256[] tokenAmounts, uint256 lpTokenSupply);
event RemoveLiquidityOne(
bytes32 indexed key,
address indexed provider,
uint256 lpTokenAmount,
uint256 lpTokenSupply,
uint256 boughtId,
uint256 tokensBought
);
event RemoveLiquidityImbalance(
bytes32 indexed key,
address indexed provider,
uint256[] tokenAmounts,
uint256[] fees,
uint256 invariant,
uint256 lpTokenSupply
);
event NewAdminFee(bytes32 indexed key, uint256 newAdminFee);
event NewSwapFee(bytes32 indexed key, uint256 newSwapFee);
struct Swap {
// variables around the ramp management of A,
// the amplification coefficient * n ** (n - 1)
// see Curve stableswap paper for details
bytes32 key;
uint256 initialA;
uint256 futureA;
uint256 initialATime;
uint256 futureATime;
// fee calculation
uint256 swapFee;
uint256 adminFee;
LPToken lpToken;
// contract references for all tokens being pooled
IERC20[] pooledTokens;
// multipliers for each pooled token's precision to get to Constants.POOL_PRECISION_DECIMALS
// for example, TBTC has 18 decimals, so the multiplier should be 1. WBTC
// has 8, so the multiplier should be 10 ** 18 / 10 ** 8 => 10 ** 10
uint256[] tokenPrecisionMultipliers;
// the pool balance of each token, in the token's precision
// the contract's actual token balance might differ
uint256[] balances;
// the admin fee balance of each token, in the token's precision
uint256[] adminFees;
// the flag if this pool disabled by admin. once disabled, only remove liquidity will work.
bool disabled;
// once pool disabled, admin can remove pool after passed removeTime. and reinitialize.
uint256 removeTime;
}
// Struct storing variables used in calculations in the
// calculateWithdrawOneTokenDY function to avoid stack too deep errors
struct CalculateWithdrawOneTokenDYInfo {
uint256 d0;
uint256 d1;
uint256 newY;
uint256 feePerToken;
uint256 preciseA;
}
// Struct storing variables used in calculations in the
// {add,remove}Liquidity functions to avoid stack too deep errors
struct ManageLiquidityInfo {
uint256 d0;
uint256 d1;
uint256 d2;
uint256 preciseA;
LPToken lpToken;
uint256 totalSupply;
uint256[] balances;
uint256[] multipliers;
}
/*** VIEW & PURE FUNCTIONS ***/
function _getAPrecise(Swap storage self) private view returns (uint256) {
return AmplificationUtils._getAPrecise(self);
}
/**
* @notice Calculate the dy, the amount of selected token that user receives and
* the fee of withdrawing in one token
* @param tokenAmount the amount to withdraw in the pool's precision
* @param tokenIndex which token will be withdrawn
* @param self Swap struct to read from
* @return the amount of token user will receive
*/
function calculateWithdrawOneToken(
Swap storage self,
uint256 tokenAmount,
uint8 tokenIndex
) internal view returns (uint256) {
(uint256 availableTokenAmount, ) = _calculateWithdrawOneToken(
self,
tokenAmount,
tokenIndex,
self.lpToken.totalSupply()
);
return availableTokenAmount;
}
function _calculateWithdrawOneToken(
Swap storage self,
uint256 tokenAmount,
uint8 tokenIndex,
uint256 totalSupply
) private view returns (uint256, uint256) {
uint256 dy;
uint256 newY;
uint256 currentY;
(dy, newY, currentY) = calculateWithdrawOneTokenDY(self, tokenIndex, tokenAmount, totalSupply);
// dy_0 (without fees)
// dy, dy_0 - dy
uint256 dySwapFee = (currentY - newY) / self.tokenPrecisionMultipliers[tokenIndex] - dy;
return (dy, dySwapFee);
}
/**
* @notice Calculate the dy of withdrawing in one token
* @param self Swap struct to read from
* @param tokenIndex which token will be withdrawn
* @param tokenAmount the amount to withdraw in the pools precision
* @return the d and the new y after withdrawing one token
*/
function calculateWithdrawOneTokenDY(
Swap storage self,
uint8 tokenIndex,
uint256 tokenAmount,
uint256 totalSupply
)
internal
view
returns (
uint256,
uint256,
uint256
)
{
// Get the current D, then solve the stableswap invariant
// y_i for D - tokenAmount
uint256[] memory xp = _xp(self);
require(tokenIndex < xp.length, "index out of range");
CalculateWithdrawOneTokenDYInfo memory v = CalculateWithdrawOneTokenDYInfo(0, 0, 0, 0, 0);
v.preciseA = _getAPrecise(self);
v.d0 = getD(xp, v.preciseA);
v.d1 = v.d0 - ((tokenAmount * v.d0) / totalSupply);
require(tokenAmount <= xp[tokenIndex], "exceeds available");
v.newY = getYD(v.preciseA, tokenIndex, xp, v.d1);
uint256[] memory xpReduced = new uint256[](xp.length);
v.feePerToken = _feePerToken(self.swapFee, xp.length);
// TODO: Set a length variable (at top) instead of reading xp.length on each loop.
uint256 len = xp.length;
for (uint256 i; i < len; ) {
uint256 xpi = xp[i];
// if i == tokenIndex, dxExpected = xp[i] * d1 / d0 - newY
// else dxExpected = xp[i] - (xp[i] * d1 / d0)
// xpReduced[i] -= dxExpected * fee / Constants.FEE_DENOMINATOR
xpReduced[i] =
xpi -
((((i == tokenIndex) ? ((xpi * v.d1) / v.d0 - v.newY) : (xpi - (xpi * v.d1) / v.d0)) * v.feePerToken) /
Constants.FEE_DENOMINATOR);
unchecked {
++i;
}
}
uint256 dy = xpReduced[tokenIndex] - getYD(v.preciseA, tokenIndex, xpReduced, v.d1);
dy = (dy - 1) / (self.tokenPrecisionMultipliers[tokenIndex]);
return (dy, v.newY, xp[tokenIndex]);
}
/**
* @notice Calculate the price of a token in the pool with given
* precision-adjusted balances and a particular D.
*
* @dev This is accomplished via solving the invariant iteratively.
* See the StableSwap paper and Curve.fi implementation for further details.
*
* x_1**2 + x1 * (sum' - (A*n**n - 1) * D / (A * n**n)) = D ** (n + 1) / (n ** (2 * n) * prod' * A)
* x_1**2 + b*x_1 = c
* x_1 = (x_1**2 + c) / (2*x_1 + b)
*
* @param a the amplification coefficient * n ** (n - 1). See the StableSwap paper for details.
* @param tokenIndex Index of token we are calculating for.
* @param xp a precision-adjusted set of pool balances. Array should be
* the same cardinality as the pool.
* @param d the stableswap invariant
* @return the price of the token, in the same precision as in xp
*/
function getYD(
uint256 a,
uint8 tokenIndex,
uint256[] memory xp,
uint256 d
) internal pure returns (uint256) {
uint256 numTokens = xp.length;
require(tokenIndex < numTokens, "Token not found");
uint256 c = d;
uint256 s;
uint256 nA = a * numTokens;
for (uint256 i; i < numTokens; ) {
if (i != tokenIndex) {
s += xp[i];
c = (c * d) / (xp[i] * numTokens);
// If we were to protect the division loss we would have to keep the denominator separate
// and divide at the end. However this leads to overflow with large numTokens or/and D.
// c = c * D * D * D * ... overflow!
}
unchecked {
++i;
}
}
c = (c * d * Constants.A_PRECISION) / (nA * numTokens);
uint256 b = s + ((d * Constants.A_PRECISION) / nA);
uint256 yPrev;
// Select d as the starting point of the Newton method. Because y < D
// D is the best option as the starting point in case the pool is very imbalanced.
uint256 y = d;
for (uint256 i; i < Constants.MAX_LOOP_LIMIT; ) {
yPrev = y;
y = ((y * y) + c) / ((y * 2) + b - d);
if (y.within1(yPrev)) {
return y;
}
unchecked {
++i;
}
}
revert("Approximation did not converge");
}
/**
* @notice Get D, the StableSwap invariant, based on a set of balances and a particular A.
* @param xp a precision-adjusted set of pool balances. Array should be the same cardinality
* as the pool.
* @param a the amplification coefficient * n ** (n - 1) in A_PRECISION.
* See the StableSwap paper for details
* @return the invariant, at the precision of the pool
*/
function getD(uint256[] memory xp, uint256 a) internal pure returns (uint256) {
uint256 numTokens = xp.length;
uint256 s;
for (uint256 i; i < numTokens; ) {
s += xp[i];
unchecked {
++i;
}
}
if (s == 0) {
return 0;
}
uint256 prevD;
uint256 d = s;
uint256 nA = a * numTokens;
for (uint256 i; i < Constants.MAX_LOOP_LIMIT; ) {
uint256 dP = d;
for (uint256 j; j < numTokens; ) {
dP = (dP * d) / (xp[j] * numTokens);
// If we were to protect the division loss we would have to keep the denominator separate
// and divide at the end. However this leads to overflow with large numTokens or/and D.
// dP = dP * D * D * D * ... overflow!
unchecked {
++j;
}
}
prevD = d;
d =
(((nA * s) / Constants.A_PRECISION + dP * numTokens) * d) /
((((nA - Constants.A_PRECISION) * d) / Constants.A_PRECISION + (numTokens + 1) * dP));
if (d.within1(prevD)) {
return d;
}
unchecked {
++i;
}
}
// Convergence should occur in 4 loops or less. If this is reached, there may be something wrong
// with the pool. If this were to occur repeatedly, LPs should withdraw via `removeLiquidity()`
// function which does not rely on D.
revert("D does not converge");
}
/**
* @notice Given a set of balances and precision multipliers, return the
* precision-adjusted balances.
*
* @param balances an array of token balances, in their native precisions.
* These should generally correspond with pooled tokens.
*
* @param precisionMultipliers an array of multipliers, corresponding to
* the amounts in the balances array. When multiplied together they
* should yield amounts at the pool's precision.
*
* @return an array of amounts "scaled" to the pool's precision
*/
function _xp(uint256[] memory balances, uint256[] memory precisionMultipliers)
internal
pure
returns (uint256[] memory)
{
uint256 numTokens = balances.length;
require(numTokens == precisionMultipliers.length, "mismatch multipliers");
uint256[] memory xp = new uint256[](numTokens);
for (uint256 i; i < numTokens; ) {
xp[i] = balances[i] * precisionMultipliers[i];
unchecked {
++i;
}
}
return xp;
}
/**
* @notice Return the precision-adjusted balances of all tokens in the pool
* @param self Swap struct to read from
* @return the pool balances "scaled" to the pool's precision, allowing
* them to be more easily compared.
*/
function _xp(Swap storage self) internal view returns (uint256[] memory) {
return _xp(self.balances, self.tokenPrecisionMultipliers);
}
/**
* @notice Get the virtual price, to help calculate profit
* @param self Swap struct to read from
* @return the virtual price, scaled to precision of Constants.POOL_PRECISION_DECIMALS
*/
function getVirtualPrice(Swap storage self) internal view returns (uint256) {
uint256 d = getD(_xp(self), _getAPrecise(self));
LPToken lpToken = self.lpToken;
uint256 supply = lpToken.totalSupply();
if (supply != 0) {
return (d * (10**uint256(Constants.POOL_PRECISION_DECIMALS))) / supply;
}
return 0;
}
/**
* @notice Calculate the new balances of the tokens given the indexes of the token
* that is swapped from (FROM) and the token that is swapped to (TO).
* This function is used as a helper function to calculate how much TO token
* the user should receive on swap.
*
* @param preciseA precise form of amplification coefficient
* @param tokenIndexFrom index of FROM token
* @param tokenIndexTo index of TO token
* @param x the new total amount of FROM token
* @param xp balances of the tokens in the pool
* @return the amount of TO token that should remain in the pool
*/
function getY(
uint256 preciseA,
uint8 tokenIndexFrom,
uint8 tokenIndexTo,
uint256 x,
uint256[] memory xp
) internal pure returns (uint256) {
uint256 numTokens = xp.length;
require(tokenIndexFrom != tokenIndexTo, "compare token to itself");
require(tokenIndexFrom < numTokens && tokenIndexTo < numTokens, "token not found");
uint256 d = getD(xp, preciseA);
uint256 c = d;
uint256 s;
uint256 nA = numTokens * preciseA;
uint256 _x;
for (uint256 i; i < numTokens; ) {
if (i == tokenIndexFrom) {
_x = x;
} else if (i != tokenIndexTo) {
_x = xp[i];
} else {
unchecked {
++i;
}
continue;
}
s += _x;
c = (c * d) / (_x * numTokens);
// If we were to protect the division loss we would have to keep the denominator separate
// and divide at the end. However this leads to overflow with large numTokens or/and D.
// c = c * D * D * D * ... overflow!
unchecked {
++i;
}
}
c = (c * d * Constants.A_PRECISION) / (nA * numTokens);
uint256 b = s + ((d * Constants.A_PRECISION) / nA);
uint256 yPrev;
uint256 y = d;
// iterative approximation
for (uint256 i; i < Constants.MAX_LOOP_LIMIT; ) {
yPrev = y;
y = ((y * y) + c) / ((y * 2) + b - d);
if (y.within1(yPrev)) {
return y;
}
unchecked {
++i;
}
}
revert("Approximation did not converge");
}
/**
* @notice Externally calculates a swap between two tokens.
* @param self Swap struct to read from
* @param tokenIndexFrom the token to sell
* @param tokenIndexTo the token to buy
* @param dx the number of tokens to sell. If the token charges a fee on transfers,
* use the amount that gets transferred after the fee.
* @return dy the number of tokens the user will get
*/
function calculateSwap(
Swap storage self,
uint8 tokenIndexFrom,
uint8 tokenIndexTo,
uint256 dx
) internal view returns (uint256 dy) {
(dy, ) = _calculateSwap(self, tokenIndexFrom, tokenIndexTo, dx, self.balances);
}
/**
* @notice Externally calculates a swap between two tokens.
* @param self Swap struct to read from
* @param tokenIndexFrom the token to sell
* @param tokenIndexTo the token to buy
* @param dy the number of tokens to buy.
* @return dx the number of tokens the user have to transfer + fee
*/
function calculateSwapInv(
Swap storage self,
uint8 tokenIndexFrom,
uint8 tokenIndexTo,
uint256 dy
) internal view returns (uint256 dx) {
(dx, ) = _calculateSwapInv(self, tokenIndexFrom, tokenIndexTo, dy, self.balances);
}
/**
* @notice Internally calculates a swap between two tokens.
*
* @dev The caller is expected to transfer the actual amounts (dx and dy)
* using the token contracts.
*
* @param self Swap struct to read from
* @param tokenIndexFrom the token to sell
* @param tokenIndexTo the token to buy
* @param dx the number of tokens to sell. If the token charges a fee on transfers,
* use the amount that gets transferred after the fee.
* @return dy the number of tokens the user will get in the token's precision. ex WBTC -> 8
* @return dyFee the associated fee in multiplied precision (Constants.POOL_PRECISION_DECIMALS)
*/
function _calculateSwap(
Swap storage self,
uint8 tokenIndexFrom,
uint8 tokenIndexTo,
uint256 dx,
uint256[] memory balances
) internal view returns (uint256 dy, uint256 dyFee) {
uint256[] memory multipliers = self.tokenPrecisionMultipliers;
uint256[] memory xp = _xp(balances, multipliers);
require(tokenIndexFrom < xp.length && tokenIndexTo < xp.length, "index out of range");
uint256 x = dx * multipliers[tokenIndexFrom] + xp[tokenIndexFrom];
uint256 y = getY(_getAPrecise(self), tokenIndexFrom, tokenIndexTo, x, xp);
dy = xp[tokenIndexTo] - y - 1;
dyFee = (dy * self.swapFee) / Constants.FEE_DENOMINATOR;
dy = (dy - dyFee) / multipliers[tokenIndexTo];
}
/**
* @notice Internally calculates a swap between two tokens.
*
* @dev The caller is expected to transfer the actual amounts (dx and dy)
* using the token contracts.
*
* @param self Swap struct to read from
* @param tokenIndexFrom the token to sell
* @param tokenIndexTo the token to buy
* @param dy the number of tokens to buy. If the token charges a fee on transfers,
* use the amount that gets transferred after the fee.
* @return dx the number of tokens the user have to deposit in the token's precision. ex WBTC -> 8
* @return dxFee the associated fee in multiplied precision (Constants.POOL_PRECISION_DECIMALS)
*/
function _calculateSwapInv(
Swap storage self,
uint8 tokenIndexFrom,
uint8 tokenIndexTo,
uint256 dy,
uint256[] memory balances
) internal view returns (uint256 dx, uint256 dxFee) {
require(tokenIndexFrom != tokenIndexTo, "compare token to itself");
uint256[] memory multipliers = self.tokenPrecisionMultipliers;
uint256[] memory xp = _xp(balances, multipliers);
require(tokenIndexFrom < xp.length && tokenIndexTo < xp.length, "index out of range");
uint256 a = _getAPrecise(self);
uint256 d0 = getD(xp, a);
xp[tokenIndexTo] = xp[tokenIndexTo] - (dy * multipliers[tokenIndexTo]);
uint256 x = getYD(a, tokenIndexFrom, xp, d0);
dx = (x + 1) - xp[tokenIndexFrom];
dxFee = (dx * self.swapFee) / Constants.FEE_DENOMINATOR;
dx = (dx + dxFee) / multipliers[tokenIndexFrom];
}
/**
* @notice A simple method to calculate amount of each underlying
* tokens that is returned upon burning given amount of
* LP tokens
*
* @param amount the amount of LP tokens that would to be burned on
* withdrawal
* @return array of amounts of tokens user will receive
*/
function calculateRemoveLiquidity(Swap storage self, uint256 amount) internal view returns (uint256[] memory) {
return _calculateRemoveLiquidity(self.balances, amount, self.lpToken.totalSupply());
}
function _calculateRemoveLiquidity(
uint256[] memory balances,
uint256 amount,
uint256 totalSupply
) internal pure returns (uint256[] memory) {
require(amount <= totalSupply, "exceed total supply");
uint256 numBalances = balances.length;
uint256[] memory amounts = new uint256[](numBalances);
for (uint256 i; i < numBalances; ) {
amounts[i] = (balances[i] * amount) / totalSupply;
unchecked {
++i;
}
}
return amounts;
}
/**
* @notice A simple method to calculate prices from deposits or
* withdrawals, excluding fees but including slippage. This is
* helpful as an input into the various "min" parameters on calls
* to fight front-running
*
* @dev This shouldn't be used outside frontends for user estimates.
*
* @param self Swap struct to read from
* @param amounts an array of token amounts to deposit or withdrawal,
* corresponding to pooledTokens. The amount should be in each
* pooled token's native precision. If a token charges a fee on transfers,
* use the amount that gets transferred after the fee.
* @param deposit whether this is a deposit or a withdrawal
* @return if deposit was true, total amount of lp token that will be minted and if
* deposit was false, total amount of lp token that will be burned
*/
function calculateTokenAmount(
Swap storage self,
uint256[] calldata amounts,
bool deposit
) internal view returns (uint256) {
uint256[] memory balances = self.balances;
uint256 numBalances = balances.length;
require(amounts.length == numBalances, "invalid length of amounts");
uint256 a = _getAPrecise(self);
uint256[] memory multipliers = self.tokenPrecisionMultipliers;
uint256 d0 = getD(_xp(balances, multipliers), a);
for (uint256 i; i < numBalances; ) {
if (deposit) {
balances[i] = balances[i] + amounts[i];
} else {
balances[i] = balances[i] - amounts[i];
}
unchecked {
++i;
}
}
uint256 d1 = getD(_xp(balances, multipliers), a);
uint256 totalSupply = self.lpToken.totalSupply();
if (deposit) {
return ((d1 - d0) * totalSupply) / d0;
} else {
return ((d0 - d1) * totalSupply) / d0;
}
}
/**
* @notice return accumulated amount of admin fees of the token with given index
* @param self Swap struct to read from
* @param index Index of the pooled token
* @return admin balance in the token's precision
*/
function getAdminBalance(Swap storage self, uint256 index) internal view returns (uint256) {
require(index < self.pooledTokens.length, "index out of range");
return self.adminFees[index];
}
/**
* @notice internal helper function to calculate fee per token multiplier used in
* swap fee calculations
* @param swapFee swap fee for the tokens
* @param numTokens number of tokens pooled
*/
function _feePerToken(uint256 swapFee, uint256 numTokens) internal pure returns (uint256) {
return (swapFee * numTokens) / ((numTokens - 1) * 4);
}
/*** STATE MODIFYING FUNCTIONS ***/
/**
* @notice swap two tokens in the pool
* @param self Swap struct to read from and write to
* @param tokenIndexFrom the token the user wants to sell
* @param tokenIndexTo the token the user wants to buy
* @param dx the amount of tokens the user wants to sell
* @param minDy the min amount the user would like to receive, or revert.
* @return amount of token user received on swap
*/
function swap(
Swap storage self,
uint8 tokenIndexFrom,
uint8 tokenIndexTo,
uint256 dx,
uint256 minDy
) internal returns (uint256) {
require(!self.disabled, "disabled pool");
{
IERC20 tokenFrom = self.pooledTokens[tokenIndexFrom];
require(dx <= tokenFrom.balanceOf(msg.sender), "swap more than you own");
// Reverts for fee on transfer
AssetLogic.handleIncomingAsset(address(tokenFrom), dx);
}
uint256 dy;
uint256 dyFee;
uint256[] memory balances = self.balances;
(dy, dyFee) = _calculateSwap(self, tokenIndexFrom, tokenIndexTo, dx, balances);
require(dy >= minDy, "dy < minDy");
uint256 dyAdminFee = (dyFee * self.adminFee) /
Constants.FEE_DENOMINATOR /
self.tokenPrecisionMultipliers[tokenIndexTo];
self.balances[tokenIndexFrom] = balances[tokenIndexFrom] + dx;
self.balances[tokenIndexTo] = balances[tokenIndexTo] - dy - dyAdminFee;
if (dyAdminFee != 0) {
self.adminFees[tokenIndexTo] = self.adminFees[tokenIndexTo] + dyAdminFee;
}
AssetLogic.handleOutgoingAsset(address(self.pooledTokens[tokenIndexTo]), msg.sender, dy);
emit TokenSwap(self.key, msg.sender, dx, dy, tokenIndexFrom, tokenIndexTo);
return dy;
}
/**
* @notice swap two tokens in the pool
* @param self Swap struct to read from and write to
* @param tokenIndexFrom the token the user wants to sell
* @param tokenIndexTo the token the user wants to buy
* @param dy the amount of tokens the user wants to buy
* @param maxDx the max amount the user would like to send.
* @return amount of token user have to transfer on swap
*/
function swapOut(
Swap storage self,
uint8 tokenIndexFrom,
uint8 tokenIndexTo,
uint256 dy,
uint256 maxDx
) internal returns (uint256) {
require(!self.disabled, "disabled pool");
require(dy <= self.balances[tokenIndexTo], ">pool balance");
uint256 dx;
uint256 dxFee;
uint256[] memory balances = self.balances;
(dx, dxFee) = _calculateSwapInv(self, tokenIndexFrom, tokenIndexTo, dy, balances);
require(dx <= maxDx, "dx > maxDx");
uint256 dxAdminFee = (dxFee * self.adminFee) /
Constants.FEE_DENOMINATOR /
self.tokenPrecisionMultipliers[tokenIndexFrom];
self.balances[tokenIndexFrom] = balances[tokenIndexFrom] + dx - dxAdminFee;
self.balances[tokenIndexTo] = balances[tokenIndexTo] - dy;
if (dxAdminFee != 0) {
self.adminFees[tokenIndexFrom] = self.adminFees[tokenIndexFrom] + dxAdminFee;
}
{
IERC20 tokenFrom = self.pooledTokens[tokenIndexFrom];
require(dx <= tokenFrom.balanceOf(msg.sender), "more than you own");
// Reverts for fee on transfer
AssetLogic.handleIncomingAsset(address(tokenFrom), dx);
}
AssetLogic.handleOutgoingAsset(address(self.pooledTokens[tokenIndexTo]), msg.sender, dy);
emit TokenSwap(self.key, msg.sender, dx, dy, tokenIndexFrom, tokenIndexTo);
return dx;
}
/**
* @notice swap two tokens in the pool internally
* @param self Swap struct to read from and write to
* @param tokenIndexFrom the token the user wants to sell
* @param tokenIndexTo the token the user wants to buy
* @param dx the amount of tokens the user wants to sell
* @param minDy the min amount the user would like to receive, or revert.
* @return amount of token user received on swap
*/
function swapInternal(
Swap storage self,
uint8 tokenIndexFrom,
uint8 tokenIndexTo,
uint256 dx,
uint256 minDy
) internal returns (uint256) {
require(!self.disabled, "disabled pool");
require(dx <= self.balances[tokenIndexFrom], "more than pool balance");
uint256 dy;
uint256 dyFee;
uint256[] memory balances = self.balances;
(dy, dyFee) = _calculateSwap(self, tokenIndexFrom, tokenIndexTo, dx, balances);
require(dy >= minDy, "dy < minDy");
uint256 dyAdminFee = (dyFee * self.adminFee) /
Constants.FEE_DENOMINATOR /
self.tokenPrecisionMultipliers[tokenIndexTo];
self.balances[tokenIndexFrom] = balances[tokenIndexFrom] + dx;
self.balances[tokenIndexTo] = balances[tokenIndexTo] - dy - dyAdminFee;
if (dyAdminFee != 0) {
self.adminFees[tokenIndexTo] = self.adminFees[tokenIndexTo] + dyAdminFee;
}
emit TokenSwap(self.key, msg.sender, dx, dy, tokenIndexFrom, tokenIndexTo);
return dy;
}
/**
* @notice Should get exact amount out of AMM for asset put in
*/
function swapInternalOut(
Swap storage self,
uint8 tokenIndexFrom,
uint8 tokenIndexTo,
uint256 dy,
uint256 maxDx
) internal returns (uint256) {
require(!self.disabled, "disabled pool");
require(dy <= self.balances[tokenIndexTo], "more than pool balance");
uint256 dx;
uint256 dxFee;
uint256[] memory balances = self.balances;
(dx, dxFee) = _calculateSwapInv(self, tokenIndexFrom, tokenIndexTo, dy, balances);
require(dx <= maxDx, "dx > maxDx");
uint256 dxAdminFee = (dxFee * self.adminFee) /
Constants.FEE_DENOMINATOR /
self.tokenPrecisionMultipliers[tokenIndexFrom];
self.balances[tokenIndexFrom] = balances[tokenIndexFrom] + dx - dxAdminFee;
self.balances[tokenIndexTo] = balances[tokenIndexTo] - dy;
if (dxAdminFee != 0) {
self.adminFees[tokenIndexFrom] = self.adminFees[tokenIndexFrom] + dxAdminFee;
}
emit TokenSwap(self.key, msg.sender, dx, dy, tokenIndexFrom, tokenIndexTo);
return dx;
}
/**
* @notice Add liquidity to the pool
* @param self Swap struct to read from and write to
* @param amounts the amounts of each token to add, in their native precision
* @param minToMint the minimum LP tokens adding this amount of liquidity
* should mint, otherwise revert. Handy for front-running mitigation
* allowed addresses. If the pool is not in the guarded launch phase, this parameter will be ignored.
* @return amount of LP token user received
*/
function addLiquidity(
Swap storage self,
uint256[] memory amounts,
uint256 minToMint
) internal returns (uint256) {
require(!self.disabled, "disabled pool");
uint256 numTokens = self.pooledTokens.length;
require(amounts.length == numTokens, "mismatch pooled tokens");
// current state
ManageLiquidityInfo memory v = ManageLiquidityInfo(
0,
0,
0,
_getAPrecise(self),
self.lpToken,
0,
self.balances,
self.tokenPrecisionMultipliers
);
v.totalSupply = v.lpToken.totalSupply();
if (v.totalSupply != 0) {
v.d0 = getD(_xp(v.balances, v.multipliers), v.preciseA);
}
uint256[] memory newBalances = new uint256[](numTokens);
for (uint256 i; i < numTokens; ) {
require(v.totalSupply != 0 || amounts[i] != 0, "!supply all tokens");
// Transfer tokens first to see if a fee was charged on transfer
if (amounts[i] != 0) {
IERC20 token = self.pooledTokens[i];
// Reverts for fee on transfer
AssetLogic.handleIncomingAsset(address(token), amounts[i]);
}
newBalances[i] = v.balances[i] + amounts[i];
unchecked {
++i;
}
}
// invariant after change
v.d1 = getD(_xp(newBalances, v.multipliers), v.preciseA);
require(v.d1 > v.d0, "D should increase");
// updated to reflect fees and calculate the user's LP tokens
v.d2 = v.d1;
uint256[] memory fees = new uint256[](numTokens);
if (v.totalSupply != 0) {
uint256 feePerToken = _feePerToken(self.swapFee, numTokens);
for (uint256 i; i < numTokens; ) {
uint256 idealBalance = (v.d1 * v.balances[i]) / v.d0;
fees[i] = (feePerToken * (idealBalance.difference(newBalances[i]))) / Constants.FEE_DENOMINATOR;
uint256 adminFee = (fees[i] * self.adminFee) / Constants.FEE_DENOMINATOR;
self.balances[i] = newBalances[i] - adminFee;
self.adminFees[i] = self.adminFees[i] + adminFee;
newBalances[i] = newBalances[i] - fees[i];
unchecked {
++i;
}
}
v.d2 = getD(_xp(newBalances, v.multipliers), v.preciseA);
} else {
// the initial depositor doesn't pay fees
self.balances = newBalances;
}
uint256 toMint;
if (v.totalSupply == 0) {
toMint = v.d1;
} else {
toMint = ((v.d2 - v.d0) * v.totalSupply) / v.d0;
}
require(toMint >= minToMint, "mint < min");
// mint the user's LP tokens
v.lpToken.mint(msg.sender, toMint);
emit AddLiquidity(self.key, msg.sender, amounts, fees, v.d1, v.totalSupply + toMint);
return toMint;
}
/**
* @notice Burn LP tokens to remove liquidity from the pool.
* @dev Liquidity can always be removed, even when the pool is paused.
* @param self Swap struct to read from and write to
* @param amount the amount of LP tokens to burn
* @param minAmounts the minimum amounts of each token in the pool
* acceptable for this burn. Useful as a front-running mitigation
* @return amounts of tokens the user received
*/
function removeLiquidity(
Swap storage self,
uint256 amount,
uint256[] calldata minAmounts
) internal returns (uint256[] memory) {
LPToken lpToken = self.lpToken;
require(amount <= lpToken.balanceOf(msg.sender), ">LP.balanceOf");
uint256 numTokens = self.pooledTokens.length;
require(minAmounts.length == numTokens, "mismatch poolTokens");
uint256[] memory balances = self.balances;
uint256 totalSupply = lpToken.totalSupply();
uint256[] memory amounts = _calculateRemoveLiquidity(balances, amount, totalSupply);
uint256 numAmounts = amounts.length;
for (uint256 i; i < numAmounts; ) {
require(amounts[i] >= minAmounts[i], "amounts[i] < minAmounts[i]");
self.balances[i] = balances[i] - amounts[i];
AssetLogic.handleOutgoingAsset(address(self.pooledTokens[i]), msg.sender, amounts[i]);
unchecked {
++i;
}
}
lpToken.burnFrom(msg.sender, amount);
emit RemoveLiquidity(self.key, msg.sender, amounts, totalSupply - amount);
return amounts;
}
/**
* @notice Remove liquidity from the pool all in one token.
* @param self Swap struct to read from and write to
* @param tokenAmount the amount of the lp tokens to burn
* @param tokenIndex the index of the token you want to receive
* @param minAmount the minimum amount to withdraw, otherwise revert
* @return amount chosen token that user received
*/
function removeLiquidityOneToken(
Swap storage self,
uint256 tokenAmount,
uint8 tokenIndex,
uint256 minAmount
) internal returns (uint256) {
LPToken lpToken = self.lpToken;
require(tokenAmount <= lpToken.balanceOf(msg.sender), ">LP.balanceOf");
uint256 numTokens = self.pooledTokens.length;
require(tokenIndex < numTokens, "not found");
uint256 totalSupply = lpToken.totalSupply();
(uint256 dy, uint256 dyFee) = _calculateWithdrawOneToken(self, tokenAmount, tokenIndex, totalSupply);
require(dy >= minAmount, "dy < minAmount");
uint256 adminFee = (dyFee * self.adminFee) / Constants.FEE_DENOMINATOR;
self.balances[tokenIndex] = self.balances[tokenIndex] - (dy + adminFee);
if (adminFee != 0) {
self.adminFees[tokenIndex] = self.adminFees[tokenIndex] + adminFee;
}
lpToken.burnFrom(msg.sender, tokenAmount);
AssetLogic.handleOutgoingAsset(address(self.pooledTokens[tokenIndex]), msg.sender, dy);
emit RemoveLiquidityOne(self.key, msg.sender, tokenAmount, totalSupply, tokenIndex, dy);
return dy;
}
/**
* @notice Remove liquidity from the pool, weighted differently than the
* pool's current balances.
*
* @param self Swap struct to read from and write to
* @param amounts how much of each token to withdraw
* @param maxBurnAmount the max LP token provider is willing to pay to
* remove liquidity. Useful as a front-running mitigation.
* @return actual amount of LP tokens burned in the withdrawal
*/
function removeLiquidityImbalance(
Swap storage self,
uint256[] memory amounts,
uint256 maxBurnAmount
) internal returns (uint256) {
ManageLiquidityInfo memory v = ManageLiquidityInfo(
0,
0,
0,
_getAPrecise(self),
self.lpToken,
0,
self.balances,
self.tokenPrecisionMultipliers
);
v.totalSupply = v.lpToken.totalSupply();
uint256 numTokens = self.pooledTokens.length;
uint256 numAmounts = amounts.length;
require(numAmounts == numTokens, "mismatch pool tokens");
require(maxBurnAmount <= v.lpToken.balanceOf(msg.sender) && maxBurnAmount != 0, ">LP.balanceOf");
uint256 feePerToken = _feePerToken(self.swapFee, numTokens);
uint256[] memory fees = new uint256[](numTokens);
{
uint256[] memory balances1 = new uint256[](numTokens);
v.d0 = getD(_xp(v.balances, v.multipliers), v.preciseA);
for (uint256 i; i < numTokens; ) {
require(v.balances[i] >= amounts[i], "withdraw more than available");
unchecked {
balances1[i] = v.balances[i] - amounts[i];
++i;
}
}
v.d1 = getD(_xp(balances1, v.multipliers), v.preciseA);
for (uint256 i; i < numTokens; ) {
{
uint256 idealBalance = (v.d1 * v.balances[i]) / v.d0;
uint256 difference = idealBalance.difference(balances1[i]);
fees[i] = (feePerToken * difference) / Constants.FEE_DENOMINATOR;
}
uint256 adminFee = (fees[i] * self.adminFee) / Constants.FEE_DENOMINATOR;
self.balances[i] = balances1[i] - adminFee;
self.adminFees[i] = self.adminFees[i] + adminFee;
balances1[i] = balances1[i] - fees[i];
unchecked {
++i;
}
}
v.d2 = getD(_xp(balances1, v.multipliers), v.preciseA);
}
uint256 tokenAmount = ((v.d0 - v.d2) * v.totalSupply) / v.d0;
require(tokenAmount != 0, "!zero amount");
tokenAmount = tokenAmount + 1;
require(tokenAmount <= maxBurnAmount, "tokenAmount > maxBurnAmount");
v.lpToken.burnFrom(msg.sender, tokenAmount);
for (uint256 i; i < numTokens; ) {
AssetLogic.handleOutgoingAsset(address(self.pooledTokens[i]), msg.sender, amounts[i]);
unchecked {
++i;
}
}
emit RemoveLiquidityImbalance(self.key, msg.sender, amounts, fees, v.d1, v.totalSupply - tokenAmount);
return tokenAmount;
}
/**
* @notice withdraw all admin fees to a given address
* @param self Swap struct to withdraw fees from
* @param to Address to send the fees to
*/
function withdrawAdminFees(Swap storage self, address to) internal {
uint256 numTokens = self.pooledTokens.length;
for (uint256 i; i < numTokens; ) {
IERC20 token = self.pooledTokens[i];
uint256 balance = self.adminFees[i];
if (balance != 0) {
delete self.adminFees[i];
AssetLogic.handleOutgoingAsset(address(token), to, balance);
}
unchecked {
++i;
}
}
}
/**
* @notice Sets the admin fee
* @dev adminFee cannot be higher than 100% of the swap fee
* @param self Swap struct to update
* @param newAdminFee new admin fee to be applied on future transactions
*/
function setAdminFee(Swap storage self, uint256 newAdminFee) internal {
require(newAdminFee < Constants.MAX_ADMIN_FEE + 1, "too high");
self.adminFee = newAdminFee;
emit NewAdminFee(self.key, newAdminFee);
}
/**
* @notice update the swap fee
* @dev fee cannot be higher than 1% of each swap
* @param self Swap struct to update
* @param newSwapFee new swap fee to be applied on future transactions
*/
function setSwapFee(Swap storage self, uint256 newSwapFee) internal {
require(newSwapFee < Constants.MAX_SWAP_FEE + 1, "too high");
self.swapFee = newSwapFee;
emit NewSwapFee(self.key, newSwapFee);
}
/**
* @notice Check if this stableswap pool exists and is valid (i.e. has been
* initialized and tokens have been added).
* @return bool true if this stableswap pool is valid, false if not.
*/
function exists(Swap storage self) internal view returns (bool) {
return !self.disabled && self.pooledTokens.length != 0;
}
}// SPDX-License-Identifier: MIT OR Apache-2.0
pragma solidity 0.8.17;
// ============= Structs =============
// Tokens are identified by a TokenId:
// domain - 4 byte chain ID of the chain from which the token originates
// id - 32 byte identifier of the token address on the origin chain, in that chain's address format
struct TokenId {
uint32 domain;
bytes32 id;
}// SPDX-License-Identifier: MIT OR Apache-2.0
pragma solidity 0.8.17;
import {IOutbox} from "./IOutbox.sol";
/**
* @notice Each router extends the `XAppConnectionClient` contract. This contract
* allows an admin to call `setXAppConnectionManager` to update the underlying
* pointers to the messaging inboxes (Replicas) and outboxes (Homes).
*
* @dev This interface only contains the functions needed for the `XAppConnectionClient`
* will interface with.
*/
interface IConnectorManager {
/**
* @notice Get the local inbox contract from the xAppConnectionManager
* @return The local inbox contract
* @dev The local inbox contract is a SpokeConnector with AMBs, and a
* Home contract with nomad
*/
function home() external view returns (IOutbox);
/**
* @notice Determine whether _potentialReplica is an enrolled Replica from the xAppConnectionManager
* @return True if _potentialReplica is an enrolled Replica
*/
function isReplica(address _potentialReplica) external view returns (bool);
/**
* @notice Get the local domain from the xAppConnectionManager
* @return The local domain
*/
function localDomain() external view returns (uint32);
}// SPDX-License-Identifier: MIT OR Apache-2.0
pragma solidity 0.8.17;
/**
* @notice Interface for all contracts sending messages originating on their
* current domain.
*
* @dev These are the Home.sol interface methods used by the `Router`
* and exposed via `home()` on the `XAppConnectionClient`
*/
interface IOutbox {
/**
* @notice Emitted when a new message is added to an outbound message merkle root
* @param leafIndex Index of message's leaf in merkle tree
* @param destinationAndNonce Destination and destination-specific
* nonce combined in single field ((destination << 32) & nonce)
* @param messageHash Hash of message; the leaf inserted to the Merkle tree for the message
* @param committedRoot the latest notarized root submitted in the last signed Update
* @param message Raw bytes of message
*/
event Dispatch(
bytes32 indexed messageHash,
uint256 indexed leafIndex,
uint64 indexed destinationAndNonce,
bytes32 committedRoot,
bytes message
);
/**
* @notice Dispatch the message it to the destination domain & recipient
* @dev Format the message, insert its hash into Merkle tree,
* enqueue the new Merkle root, and emit `Dispatch` event with message information.
* @param _destinationDomain Domain of destination chain
* @param _recipientAddress Address of recipient on destination chain as bytes32
* @param _messageBody Raw bytes content of message
* @return bytes32 The leaf added to the tree
*/
function dispatch(
uint32 _destinationDomain,
bytes32 _recipientAddress,
bytes memory _messageBody
) external returns (bytes32, bytes memory);
}// SPDX-License-Identifier: MIT OR Apache-2.0
pragma solidity 0.8.17;
import {TypedMemView} from "./TypedMemView.sol";
library TypeCasts {
using TypedMemView for bytes;
using TypedMemView for bytes29;
// alignment preserving cast
function addressToBytes32(address _addr) internal pure returns (bytes32) {
return bytes32(uint256(uint160(_addr)));
}
// alignment preserving cast
function bytes32ToAddress(bytes32 _buf) internal pure returns (address) {
return address(uint160(uint256(_buf)));
}
}// SPDX-License-Identifier: MIT OR Apache-2.0
pragma solidity 0.8.17;
library TypedMemView {
// Why does this exist?
// the solidity `bytes memory` type has a few weaknesses.
// 1. You can't index ranges effectively
// 2. You can't slice without copying
// 3. The underlying data may represent any type
// 4. Solidity never deallocates memory, and memory costs grow
// superlinearly
// By using a memory view instead of a `bytes memory` we get the following
// advantages:
// 1. Slices are done on the stack, by manipulating the pointer
// 2. We can index arbitrary ranges and quickly convert them to stack types
// 3. We can insert type info into the pointer, and typecheck at runtime
// This makes `TypedMemView` a useful tool for efficient zero-copy
// algorithms.
// Why bytes29?
// We want to avoid confusion between views, digests, and other common
// types so we chose a large and uncommonly used odd number of bytes
//
// Note that while bytes are left-aligned in a word, integers and addresses
// are right-aligned. This means when working in assembly we have to
// account for the 3 unused bytes on the righthand side
//
// First 5 bytes are a type flag.
// - ff_ffff_fffe is reserved for unknown type.
// - ff_ffff_ffff is reserved for invalid types/errors.
// next 12 are memory address
// next 12 are len
// bottom 3 bytes are empty
// Assumptions:
// - non-modification of memory.
// - No Solidity updates
// - - wrt free mem point
// - - wrt bytes representation in memory
// - - wrt memory addressing in general
// Usage:
// - create type constants
// - use `assertType` for runtime type assertions
// - - unfortunately we can't do this at compile time yet :(
// - recommended: implement modifiers that perform type checking
// - - e.g.
// - - `uint40 constant MY_TYPE = 3;`
// - - ` modifer onlyMyType(bytes29 myView) { myView.assertType(MY_TYPE); }`
// - instantiate a typed view from a bytearray using `ref`
// - use `index` to inspect the contents of the view
// - use `slice` to create smaller views into the same memory
// - - `slice` can increase the offset
// - - `slice can decrease the length`
// - - must specify the output type of `slice`
// - - `slice` will return a null view if you try to overrun
// - - make sure to explicitly check for this with `notNull` or `assertType`
// - use `equal` for typed comparisons.
// The null view
bytes29 public constant NULL = hex"ffffffffffffffffffffffffffffffffffffffffffffffffffffffffff";
uint256 constant LOW_12_MASK = 0xffffffffffffffffffffffff;
uint256 constant TWENTY_SEVEN_BYTES = 8 * 27;
uint256 private constant _27_BYTES_IN_BITS = 8 * 27; // <--- also used this named constant where ever 216 is used.
uint256 private constant LOW_27_BYTES_MASK = 0xffffffffffffffffffffffffffffffffffffffffffffffffffffff; // (1 << _27_BYTES_IN_BITS) - 1;
// ========== Custom Errors ===========
error TypedMemView__assertType_typeAssertionFailed(uint256 actual, uint256 expected);
error TypedMemView__index_overrun(uint256 loc, uint256 len, uint256 index, uint256 slice);
error TypedMemView__index_indexMoreThan32Bytes();
error TypedMemView__unsafeCopyTo_nullPointer();
error TypedMemView__unsafeCopyTo_invalidPointer();
error TypedMemView__unsafeCopyTo_identityOOG();
error TypedMemView__assertValid_validityAssertionFailed();
/**
* @notice Changes the endianness of a uint256.
* @dev https://graphics.stanford.edu/~seander/bithacks.html#ReverseParallel
* @param _b The unsigned integer to reverse
* @return v - The reversed value
*/
function reverseUint256(uint256 _b) internal pure returns (uint256 v) {
v = _b;
// swap bytes
v =
((v >> 8) & 0x00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF) |
((v & 0x00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF00FF) << 8);
// swap 2-byte long pairs
v =
((v >> 16) & 0x0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF) |
((v & 0x0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF0000FFFF) << 16);
// swap 4-byte long pairs
v =
((v >> 32) & 0x00000000FFFFFFFF00000000FFFFFFFF00000000FFFFFFFF00000000FFFFFFFF) |
((v & 0x00000000FFFFFFFF00000000FFFFFFFF00000000FFFFFFFF00000000FFFFFFFF) << 32);
// swap 8-byte long pairs
v =
((v >> 64) & 0x0000000000000000FFFFFFFFFFFFFFFF0000000000000000FFFFFFFFFFFFFFFF) |
((v & 0x0000000000000000FFFFFFFFFFFFFFFF0000000000000000FFFFFFFFFFFFFFFF) << 64);
// swap 16-byte long pairs
v = (v >> 128) | (v << 128);
}
/**
* @notice Create a mask with the highest `_len` bits set.
* @param _len The length
* @return mask - The mask
*/
function leftMask(uint8 _len) private pure returns (uint256 mask) {
// ugly. redo without assembly?
assembly {
// solhint-disable-previous-line no-inline-assembly
mask := sar(sub(_len, 1), 0x8000000000000000000000000000000000000000000000000000000000000000)
}
}
/**
* @notice Return the null view.
* @return bytes29 - The null view
*/
function nullView() internal pure returns (bytes29) {
return NULL;
}
/**
* @notice Check if the view is null.
* @return bool - True if the view is null
*/
function isNull(bytes29 memView) internal pure returns (bool) {
return memView == NULL;
}
/**
* @notice Check if the view is not null.
* @return bool - True if the view is not null
*/
function notNull(bytes29 memView) internal pure returns (bool) {
return !isNull(memView);
}
/**
* @notice Check if the view is of a invalid type and points to a valid location
* in memory.
* @dev We perform this check by examining solidity's unallocated memory
* pointer and ensuring that the view's upper bound is less than that.
* @param memView The view
* @return ret - True if the view is invalid
*/
function isNotValid(bytes29 memView) internal pure returns (bool ret) {
if (typeOf(memView) == 0xffffffffff) {
return true;
}
uint256 _end = end(memView);
assembly {
// solhint-disable-previous-line no-inline-assembly
ret := gt(_end, mload(0x40))
}
}
/**
* @notice Require that a typed memory view be valid.
* @dev Returns the view for easy chaining.
* @param memView The view
* @return bytes29 - The validated view
*/
function assertValid(bytes29 memView) internal pure returns (bytes29) {
if (isNotValid(memView)) revert TypedMemView__assertValid_validityAssertionFailed();
return memView;
}
/**
* @notice Return true if the memview is of the expected type. Otherwise false.
* @param memView The view
* @param _expected The expected type
* @return bool - True if the memview is of the expected type
*/
function isType(bytes29 memView, uint40 _expected) internal pure returns (bool) {
return typeOf(memView) == _expected;
}
/**
* @notice Require that a typed memory view has a specific type.
* @dev Returns the view for easy chaining.
* @param memView The view
* @param _expected The expected type
* @return bytes29 - The view with validated type
*/
function assertType(bytes29 memView, uint40 _expected) internal pure returns (bytes29) {
if (!isType(memView, _expected)) {
revert TypedMemView__assertType_typeAssertionFailed(uint256(typeOf(memView)), uint256(_expected));
}
return memView;
}
/**
* @notice Return an identical view with a different type.
* @param memView The view
* @param _newType The new type
* @return newView - The new view with the specified type
*/
function castTo(bytes29 memView, uint40 _newType) internal pure returns (bytes29 newView) {
// then | in the new type
assembly {
// solhint-disable-previous-line no-inline-assembly
// shift off the top 5 bytes
newView := or(and(memView, LOW_27_BYTES_MASK), shl(_27_BYTES_IN_BITS, _newType))
}
}
/**
* @notice Unsafe raw pointer construction. This should generally not be called
* directly. Prefer `ref` wherever possible.
* @dev Unsafe raw pointer construction. This should generally not be called
* directly. Prefer `ref` wherever possible.
* @param _type The type
* @param _loc The memory address
* @param _len The length
* @return newView - The new view with the specified type, location and length
*/
function unsafeBuildUnchecked(
uint256 _type,
uint256 _loc,
uint256 _len
) private pure returns (bytes29 newView) {
uint256 _uint96Bits = 96;
uint256 _emptyBits = 24;
// Cast params to ensure input is of correct length
uint96 len_ = uint96(_len);
uint96 loc_ = uint96(_loc);
require(len_ == _len && loc_ == _loc, "!truncated");
assembly {
// solium-disable-previous-line security/no-inline-assembly
newView := shl(_uint96Bits, _type) // insert type
newView := shl(_uint96Bits, or(newView, loc_)) // insert loc
newView := shl(_emptyBits, or(newView, len_)) // empty bottom 3 bytes
}
}
/**
* @notice Instantiate a new memory view. This should generally not be called
* directly. Prefer `ref` wherever possible.
* @dev Instantiate a new memory view. This should generally not be called
* directly. Prefer `ref` wherever possible.
* @param _type The type
* @param _loc The memory address
* @param _len The length
* @return newView - The new view with the specified type, location and length
*/
function build(
uint256 _type,
uint256 _loc,
uint256 _len
) internal pure returns (bytes29 newView) {
uint256 _end = _loc + _len;
assembly {
// solhint-disable-previous-line no-inline-assembly
if gt(_end, mload(0x40)) {
_end := 0
}
}
if (_end == 0) {
return NULL;
}
newView = unsafeBuildUnchecked(_type, _loc, _len);
}
/**
* @notice Instantiate a memory view from a byte array.
* @dev Note that due to Solidity memory representation, it is not possible to
* implement a deref, as the `bytes` type stores its len in memory.
* @param arr The byte array
* @param newType The type
* @return bytes29 - The memory view
*/
function ref(bytes memory arr, uint40 newType) internal pure returns (bytes29) {
uint256 _len = arr.length;
uint256 _loc;
assembly {
// solhint-disable-previous-line no-inline-assembly
_loc := add(arr, 0x20) // our view is of the data, not the struct
}
return build(newType, _loc, _len);
}
/**
* @notice Return the associated type information.
* @param memView The memory view
* @return _type - The type associated with the view
*/
function typeOf(bytes29 memView) internal pure returns (uint40 _type) {
assembly {
// solhint-disable-previous-line no-inline-assembly
// 216 == 256 - 40
_type := shr(_27_BYTES_IN_BITS, memView) // shift out lower 24 bytes
}
}
/**
* @notice Return the memory address of the underlying bytes.
* @param memView The view
* @return _loc - The memory address
*/
function loc(bytes29 memView) internal pure returns (uint96 _loc) {
uint256 _mask = LOW_12_MASK; // assembly can't use globals
assembly {
// solhint-disable-previous-line no-inline-assembly
// 120 bits = 12 bytes (the encoded loc) + 3 bytes (empty low space)
_loc := and(shr(120, memView), _mask)
}
}
/**
* @notice The number of memory words this memory view occupies, rounded up.
* @param memView The view
* @return uint256 - The number of memory words
*/
function words(bytes29 memView) internal pure returns (uint256) {
return (uint256(len(memView)) + 31) / 32;
}
/**
* @notice The in-memory footprint of a fresh copy of the view.
* @param memView The view
* @return uint256 - The in-memory footprint of a fresh copy of the view.
*/
function footprint(bytes29 memView) internal pure returns (uint256) {
return words(memView) * 32;
}
/**
* @notice The number of bytes of the view.
* @param memView The view
* @return _len - The length of the view
*/
function len(bytes29 memView) internal pure returns (uint96 _len) {
uint256 _mask = LOW_12_MASK; // assembly can't use globals
assembly {
// solhint-disable-previous-line no-inline-assembly
_len := and(shr(24, memView), _mask)
}
}
/**
* @notice Returns the endpoint of `memView`.
* @param memView The view
* @return uint256 - The endpoint of `memView`
*/
function end(bytes29 memView) internal pure returns (uint256) {
unchecked {
return loc(memView) + len(memView);
}
}
/**
* @notice Safe slicing without memory modification.
* @param memView The view
* @param _index The start index
* @param _len The length
* @param newType The new type
* @return bytes29 - The new view
*/
function slice(
bytes29 memView,
uint256 _index,
uint256 _len,
uint40 newType
) internal pure returns (bytes29) {
uint256 _loc = loc(memView);
// Ensure it doesn't overrun the view
if (_loc + _index + _len > end(memView)) {
return NULL;
}
_loc = _loc + _index;
return build(newType, _loc, _len);
}
/**
* @notice Shortcut to `slice`. Gets a view representing the first `_len` bytes.
* @param memView The view
* @param _len The length
* @param newType The new type
* @return bytes29 - The new view
*/
function prefix(
bytes29 memView,
uint256 _len,
uint40 newType
) internal pure returns (bytes29) {
return slice(memView, 0, _len, newType);
}
/**
* @notice Shortcut to `slice`. Gets a view representing the last `_len` byte.
* @param memView The view
* @param _len The length
* @param newType The new type
* @return bytes29 - The new view
*/
function postfix(
bytes29 memView,
uint256 _len,
uint40 newType
) internal pure returns (bytes29) {
return slice(memView, uint256(len(memView)) - _len, _len, newType);
}
/**
* @notice Load up to 32 bytes from the view onto the stack.
* @dev Returns a bytes32 with only the `_bytes` highest bytes set.
* This can be immediately cast to a smaller fixed-length byte array.
* To automatically cast to an integer, use `indexUint`.
* @param memView The view
* @param _index The index
* @param _bytes The bytes
* @return result - The 32 byte result
*/
function index(
bytes29 memView,
uint256 _index,
uint8 _bytes
) internal pure returns (bytes32 result) {
if (_bytes == 0) {
return bytes32(0);
}
if (_index + _bytes > len(memView)) {
// "TypedMemView/index - Overran the view. Slice is at {loc} with length {len}. Attempted to index at offset {index} with length {slice},
revert TypedMemView__index_overrun(loc(memView), len(memView), _index, uint256(_bytes));
}
if (_bytes > 32) revert TypedMemView__index_indexMoreThan32Bytes();
uint8 bitLength;
unchecked {
bitLength = _bytes * 8;
}
uint256 _loc = loc(memView);
uint256 _mask = leftMask(bitLength);
assembly {
// solhint-disable-previous-line no-inline-assembly
result := and(mload(add(_loc, _index)), _mask)
}
}
/**
* @notice Parse an unsigned integer from the view at `_index`.
* @dev Requires that the view have >= `_bytes` bytes following that index.
* @param memView The view
* @param _index The index
* @param _bytes The bytes
* @return result - The unsigned integer
*/
function indexUint(
bytes29 memView,
uint256 _index,
uint8 _bytes
) internal pure returns (uint256 result) {
return uint256(index(memView, _index, _bytes)) >> ((32 - _bytes) * 8);
}
/**
* @notice Parse an unsigned integer from LE bytes.
* @param memView The view
* @param _index The index
* @param _bytes The bytes
* @return result - The unsigned integer
*/
function indexLEUint(
bytes29 memView,
uint256 _index,
uint8 _bytes
) internal pure returns (uint256 result) {
return reverseUint256(uint256(index(memView, _index, _bytes)));
}
/**
* @notice Parse an address from the view at `_index`. Requires that the view have >= 20 bytes
* following that index.
* @param memView The view
* @param _index The index
* @return address - The address
*/
function indexAddress(bytes29 memView, uint256 _index) internal pure returns (address) {
return address(uint160(indexUint(memView, _index, 20)));
}
/**
* @notice Return the keccak256 hash of the underlying memory
* @param memView The view
* @return digest - The keccak256 hash of the underlying memory
*/
function keccak(bytes29 memView) internal pure returns (bytes32 digest) {
uint256 _loc = loc(memView);
uint256 _len = len(memView);
assembly {
// solhint-disable-previous-line no-inline-assembly
digest := keccak256(_loc, _len)
}
}
/**
* @notice Return true if the underlying memory is equal. Else false.
* @param left The first view
* @param right The second view
* @return bool - True if the underlying memory is equal
*/
function untypedEqual(bytes29 left, bytes29 right) internal pure returns (bool) {
return (loc(left) == loc(right) && len(left) == len(right)) || keccak(left) == keccak(right);
}
/**
* @notice Return false if the underlying memory is equal. Else true.
* @param left The first view
* @param right The second view
* @return bool - False if the underlying memory is equal
*/
function untypedNotEqual(bytes29 left, bytes29 right) internal pure returns (bool) {
return !untypedEqual(left, right);
}
/**
* @notice Compares type equality.
* @dev Shortcuts if the pointers are identical, otherwise compares type and digest.
* @param left The first view
* @param right The second view
* @return bool - True if the types are the same
*/
function equal(bytes29 left, bytes29 right) internal pure returns (bool) {
return left == right || (typeOf(left) == typeOf(right) && keccak(left) == keccak(right));
}
/**
* @notice Compares type inequality.
* @dev Shortcuts if the pointers are identical, otherwise compares type and digest.
* @param left The first view
* @param right The second view
* @return bool - True if the types are not the same
*/
function notEqual(bytes29 left, bytes29 right) internal pure returns (bool) {
return !equal(left, right);
}
/**
* @notice Copy the view to a location, return an unsafe memory reference
* @dev Super Dangerous direct memory access.
*
* This reference can be overwritten if anything else modifies memory (!!!).
* As such it MUST be consumed IMMEDIATELY.
* This function is private to prevent unsafe usage by callers.
* @param memView The view
* @param _newLoc The new location
* @return written - the unsafe memory reference
*/
function unsafeCopyTo(bytes29 memView, uint256 _newLoc) private view returns (bytes29 written) {
if (isNull(memView)) revert TypedMemView__unsafeCopyTo_nullPointer();
if (isNotValid(memView)) revert TypedMemView__unsafeCopyTo_invalidPointer();
uint256 _len = len(memView);
uint256 _oldLoc = loc(memView);
uint256 ptr;
bool res;
assembly {
// solhint-disable-previous-line no-inline-assembly
ptr := mload(0x40)
// revert if we're writing in occupied memory
if gt(ptr, _newLoc) {
revert(0x60, 0x20) // empty revert message
}
// use the identity precompile to copy
// guaranteed not to fail, so pop the success
res := staticcall(gas(), 4, _oldLoc, _len, _newLoc, _len)
}
if (!res) revert TypedMemView__unsafeCopyTo_identityOOG();
written = unsafeBuildUnchecked(typeOf(memView), _newLoc, _len);
}
/**
* @notice Copies the referenced memory to a new loc in memory, returning a `bytes` pointing to
* the new memory
* @dev Shortcuts if the pointers are identical, otherwise compares type and digest.
* @param memView The view
* @return ret - The view pointing to the new memory
*/
function clone(bytes29 memView) internal view returns (bytes memory ret) {
uint256 ptr;
uint256 _len = len(memView);
assembly {
// solhint-disable-previous-line no-inline-assembly
ptr := mload(0x40) // load unused memory pointer
ret := ptr
}
unchecked {
unsafeCopyTo(memView, ptr + 0x20);
}
assembly {
// solhint-disable-previous-line no-inline-assembly
mstore(0x40, add(add(ptr, _len), 0x20)) // write new unused pointer
mstore(ptr, _len) // write len of new array (in bytes)
}
}
/**
* @notice Join the views in memory, return an unsafe reference to the memory.
* @dev Super Dangerous direct memory access.
*
* This reference can be overwritten if anything else modifies memory (!!!).
* As such it MUST be consumed IMMEDIATELY.
* This function is private to prevent unsafe usage by callers.
* @param memViews The views
* @return unsafeView - The conjoined view pointing to the new memory
*/
function unsafeJoin(bytes29[] memory memViews, uint256 _location) private view returns (bytes29 unsafeView) {
assembly {
// solhint-disable-previous-line no-inline-assembly
let ptr := mload(0x40)
// revert if we're writing in occupied memory
if gt(ptr, _location) {
revert(0x60, 0x20) // empty revert message
}
}
uint256 _offset = 0;
uint256 _len = memViews.length;
for (uint256 i = 0; i < _len; ) {
bytes29 memView = memViews[i];
unchecked {
unsafeCopyTo(memView, _location + _offset);
_offset += len(memView);
++i;
}
}
unsafeView = unsafeBuildUnchecked(0, _location, _offset);
}
/**
* @notice Produce the keccak256 digest of the concatenated contents of multiple views.
* @param memViews The views
* @return bytes32 - The keccak256 digest
*/
function joinKeccak(bytes29[] memory memViews) internal view returns (bytes32) {
uint256 ptr;
assembly {
// solhint-disable-previous-line no-inline-assembly
ptr := mload(0x40) // load unused memory pointer
}
return keccak(unsafeJoin(memViews, ptr));
}
/**
* @notice copies all views, joins them into a new bytearray.
* @param memViews The views
* @return ret - The new byte array
*/
function join(bytes29[] memory memViews) internal view returns (bytes memory ret) {
uint256 ptr;
assembly {
// solhint-disable-previous-line no-inline-assembly
ptr := mload(0x40) // load unused memory pointer
}
bytes29 _newView;
unchecked {
_newView = unsafeJoin(memViews, ptr + 0x20);
}
uint256 _written = len(_newView);
uint256 _footprint = footprint(_newView);
assembly {
// solhint-disable-previous-line no-inline-assembly
// store the legnth
mstore(ptr, _written)
// new pointer is old + 0x20 + the footprint of the body
mstore(0x40, add(add(ptr, _footprint), 0x20))
ret := ptr
}
}
}{
"evmVersion": "london",
"libraries": {},
"metadata": {
"bytecodeHash": "ipfs",
"useLiteralContent": true
},
"optimizer": {
"enabled": true,
"runs": 200
},
"remappings": [],
"outputSelection": {
"*": {
"*": [
"evm.bytecode",
"evm.deployedBytecode",
"devdoc",
"userdoc",
"metadata",
"abi"
]
}
}
}[{"inputs":[],"name":"AssetLogic__getConfig_notRegistered","type":"error"},{"inputs":[],"name":"BaseConnextFacet__getAdoptedAsset_assetNotFound","type":"error"},{"inputs":[],"name":"BaseConnextFacet__getApprovedCanonicalId_notAllowlisted","type":"error"},{"inputs":[],"name":"BaseConnextFacet__nonReentrant_reentrantCall","type":"error"},{"inputs":[],"name":"BaseConnextFacet__nonXCallReentrant_reentrantCall","type":"error"},{"inputs":[],"name":"BaseConnextFacet__onlyOwnerOrAdmin_notOwnerOrAdmin","type":"error"},{"inputs":[],"name":"BaseConnextFacet__onlyOwnerOrRouter_notOwnerOrRouter","type":"error"},{"inputs":[],"name":"BaseConnextFacet__onlyOwnerOrWatcher_notOwnerOrWatcher","type":"error"},{"inputs":[],"name":"BaseConnextFacet__onlyOwner_notOwner","type":"error"},{"inputs":[],"name":"BaseConnextFacet__onlyProposed_notProposedOwner","type":"error"},{"inputs":[],"name":"BaseConnextFacet__whenNotPaused_paused","type":"error"},{"inputs":[],"name":"TokenFacet__addAssetId_alreadyAdded","type":"error"},{"inputs":[],"name":"TokenFacet__addAssetId_badBurn","type":"error"},{"inputs":[],"name":"TokenFacet__addAssetId_badMint","type":"error"},{"inputs":[],"name":"TokenFacet__enrollAdoptedAndLocalAssets_emptyCanonical","type":"error"},{"inputs":[],"name":"TokenFacet__removeAssetId_invalidParams","type":"error"},{"inputs":[],"name":"TokenFacet__removeAssetId_notAdded","type":"error"},{"inputs":[],"name":"TokenFacet__removeAssetId_remainsCustodied","type":"error"},{"inputs":[],"name":"TokenFacet__setLiquidityCap_notCanonicalDomain","type":"error"},{"inputs":[],"name":"TokenFacet__setupAssetWithDeployedRepresentation_invalidRepresentation","type":"error"},{"inputs":[],"name":"TokenFacet__setupAssetWithDeployedRepresentation_onCanonicalDomain","type":"error"},{"inputs":[],"name":"TokenFacet__setupAsset_invalidCanonicalConfiguration","type":"error"},{"inputs":[],"name":"TokenFacet__setupAsset_representationListed","type":"error"},{"inputs":[],"name":"TokenFacet__updateDetails_localNotFound","type":"error"},{"inputs":[],"name":"TokenFacet__updateDetails_notApproved","type":"error"},{"inputs":[],"name":"TokenFacet__updateDetails_onlyRemote","type":"error"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"bytes32","name":"key","type":"bytes32"},{"indexed":true,"internalType":"bytes32","name":"canonicalId","type":"bytes32"},{"indexed":true,"internalType":"uint32","name":"domain","type":"uint32"},{"indexed":false,"internalType":"address","name":"adoptedAsset","type":"address"},{"indexed":false,"internalType":"address","name":"localAsset","type":"address"},{"indexed":false,"internalType":"address","name":"caller","type":"address"}],"name":"AssetAdded","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"bytes32","name":"key","type":"bytes32"},{"indexed":false,"internalType":"address","name":"caller","type":"address"}],"name":"AssetRemoved","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"bytes32","name":"key","type":"bytes32"},{"indexed":true,"internalType":"bytes32","name":"canonicalId","type":"bytes32"},{"indexed":true,"internalType":"uint32","name":"domain","type":"uint32"},{"indexed":false,"internalType":"uint256","name":"cap","type":"uint256"},{"indexed":false,"internalType":"address","name":"caller","type":"address"}],"name":"LiquidityCapUpdated","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"bytes32","name":"key","type":"bytes32"},{"indexed":true,"internalType":"bytes32","name":"canonicalId","type":"bytes32"},{"indexed":true,"internalType":"uint32","name":"domain","type":"uint32"},{"indexed":false,"internalType":"address","name":"swapPool","type":"address"},{"indexed":false,"internalType":"address","name":"caller","type":"address"}],"name":"StableSwapAdded","type":"event"},{"anonymous":false,"inputs":[{"indexed":true,"internalType":"uint32","name":"domain","type":"uint32"},{"indexed":true,"internalType":"bytes32","name":"id","type":"bytes32"},{"indexed":true,"internalType":"address","name":"representation","type":"address"}],"name":"TokenDeployed","type":"event"},{"inputs":[{"components":[{"internalType":"uint32","name":"domain","type":"uint32"},{"internalType":"bytes32","name":"id","type":"bytes32"}],"internalType":"struct TokenId","name":"_canonical","type":"tuple"},{"internalType":"address","name":"_stableSwapPool","type":"address"}],"name":"addStableSwapPool","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"_adopted","type":"address"}],"name":"adoptedToCanonical","outputs":[{"components":[{"internalType":"uint32","name":"domain","type":"uint32"},{"internalType":"bytes32","name":"id","type":"bytes32"}],"internalType":"struct TokenId","name":"","type":"tuple"}],"stateMutability":"view","type":"function"},{"inputs":[{"components":[{"internalType":"uint32","name":"domain","type":"uint32"},{"internalType":"bytes32","name":"id","type":"bytes32"}],"internalType":"struct TokenId","name":"_canonical","type":"tuple"}],"name":"adoptedToLocalExternalPools","outputs":[{"internalType":"contract IStableSwap","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"bytes32","name":"_key","type":"bytes32"}],"name":"adoptedToLocalExternalPools","outputs":[{"internalType":"contract IStableSwap","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"bytes32","name":"_key","type":"bytes32"}],"name":"approvedAssets","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"view","type":"function"},{"inputs":[{"components":[{"internalType":"uint32","name":"domain","type":"uint32"},{"internalType":"bytes32","name":"id","type":"bytes32"}],"internalType":"struct TokenId","name":"_canonical","type":"tuple"}],"name":"approvedAssets","outputs":[{"internalType":"bool","name":"","type":"bool"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"bytes32","name":"_key","type":"bytes32"}],"name":"canonicalToAdopted","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"components":[{"internalType":"uint32","name":"domain","type":"uint32"},{"internalType":"bytes32","name":"id","type":"bytes32"}],"internalType":"struct TokenId","name":"_canonical","type":"tuple"}],"name":"canonicalToAdopted","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"bytes32","name":"_key","type":"bytes32"}],"name":"canonicalToRepresentation","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"components":[{"internalType":"uint32","name":"domain","type":"uint32"},{"internalType":"bytes32","name":"id","type":"bytes32"}],"internalType":"struct TokenId","name":"_canonical","type":"tuple"}],"name":"canonicalToRepresentation","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"bytes32","name":"_key","type":"bytes32"}],"name":"getCustodiedAmount","outputs":[{"internalType":"uint256","name":"","type":"uint256"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"bytes32","name":"_id","type":"bytes32"},{"internalType":"uint32","name":"_domain","type":"uint32"}],"name":"getLocalAndAdoptedToken","outputs":[{"internalType":"address","name":"","type":"address"},{"internalType":"address","name":"","type":"address"}],"stateMutability":"view","type":"function"},{"inputs":[{"internalType":"address","name":"_candidate","type":"address"}],"name":"getTokenId","outputs":[{"components":[{"internalType":"uint32","name":"domain","type":"uint32"},{"internalType":"bytes32","name":"id","type":"bytes32"}],"internalType":"struct TokenId","name":"","type":"tuple"}],"stateMutability":"view","type":"function"},{"inputs":[{"components":[{"internalType":"uint32","name":"domain","type":"uint32"},{"internalType":"bytes32","name":"id","type":"bytes32"}],"internalType":"struct TokenId","name":"_canonical","type":"tuple"},{"internalType":"address","name":"_adoptedAssetId","type":"address"},{"internalType":"address","name":"_representation","type":"address"}],"name":"removeAssetId","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"bytes32","name":"_key","type":"bytes32"},{"internalType":"address","name":"_adoptedAssetId","type":"address"},{"internalType":"address","name":"_representation","type":"address"}],"name":"removeAssetId","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"internalType":"address","name":"_representation","type":"address"}],"name":"representationToCanonical","outputs":[{"components":[{"internalType":"uint32","name":"domain","type":"uint32"},{"internalType":"bytes32","name":"id","type":"bytes32"}],"internalType":"struct TokenId","name":"","type":"tuple"}],"stateMutability":"view","type":"function"},{"inputs":[{"components":[{"internalType":"uint32","name":"domain","type":"uint32"},{"internalType":"bytes32","name":"id","type":"bytes32"}],"internalType":"struct TokenId","name":"_canonical","type":"tuple"},{"internalType":"uint8","name":"_canonicalDecimals","type":"uint8"},{"internalType":"string","name":"_representationName","type":"string"},{"internalType":"string","name":"_representationSymbol","type":"string"},{"internalType":"address","name":"_adoptedAssetId","type":"address"},{"internalType":"address","name":"_stableSwapPool","type":"address"},{"internalType":"uint256","name":"_cap","type":"uint256"}],"name":"setupAsset","outputs":[{"internalType":"address","name":"_local","type":"address"}],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"components":[{"internalType":"uint32","name":"domain","type":"uint32"},{"internalType":"bytes32","name":"id","type":"bytes32"}],"internalType":"struct TokenId","name":"_canonical","type":"tuple"},{"internalType":"address","name":"_representation","type":"address"},{"internalType":"address","name":"_adoptedAssetId","type":"address"},{"internalType":"address","name":"_stableSwapPool","type":"address"}],"name":"setupAssetWithDeployedRepresentation","outputs":[{"internalType":"address","name":"","type":"address"}],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"components":[{"internalType":"uint32","name":"domain","type":"uint32"},{"internalType":"bytes32","name":"id","type":"bytes32"}],"internalType":"struct TokenId","name":"_canonical","type":"tuple"},{"internalType":"string","name":"_name","type":"string"},{"internalType":"string","name":"_symbol","type":"string"}],"name":"updateDetails","outputs":[],"stateMutability":"nonpayable","type":"function"},{"inputs":[{"components":[{"internalType":"uint32","name":"domain","type":"uint32"},{"internalType":"bytes32","name":"id","type":"bytes32"}],"internalType":"struct TokenId","name":"_canonical","type":"tuple"},{"internalType":"uint256","name":"_updated","type":"uint256"}],"name":"updateLiquidityCap","outputs":[],"stateMutability":"nonpayable","type":"function"}]Contract Creation Code
608060405234801561001057600080fd5b50613a2d806100206000396000f3fe60806040523480156200001157600080fd5b5060043610620001455760003560e01c80639b59851911620000bb578063bd8671a7116200007a578063bd8671a714620003ff578063c40584291462000416578063e1cb3958146200042d578063e9d7bcec1462000444578063f1537686146200045b57600080fd5b80639b5985191462000374578063a1b1930114620003a3578063ad4c777114620003ba578063ae8bc0de14620003d1578063b64a5e0714620003e857600080fd5b806357bd0a32116200010857806357bd0a32146200026c5780635a2164e514620002ad5780636006209114620002c457806380dc22481462000328578063949de969146200033f57600080fd5b806303e418c2146200014a57806307a38d7b14620001d45780631506e463146200020c5780631ecf6f9f14620002255780632c1999d01462000255575b600080fd5b620001ae6200015b36600462001a89565b6040805180820190915260008082526020820152506040805180820182526001600160a01b03909216600081815260066020818152938220805463ffffffff168652929091528252600101549082015290565b60408051825163ffffffff16815260209283015192810192909252015b60405180910390f35b620001eb620001e536600462001abc565b62000472565b604080516001600160a01b03938416815292909116602083015201620001cb565b620002236200021d36600462001b04565b62000498565b005b6200023c6200023636600462001b34565b62000534565b6040516001600160a01b039091168152602001620001cb565b6200023c6200026636600462001b34565b62000547565b6200029c6200027d36600462001b34565b600090815260076020526040902060020154600160a01b900460ff1690565b6040519015158152602001620001cb565b62000223620002be36600462001b4e565b62000554565b620001ae620002d536600462001a89565b6040805180820190915260008082526020820152506040805180820182526001600160a01b03909216600081815260056020818152938220805463ffffffff168652929091528252600101549082015290565b6200023c6200033936600462001b99565b620005fc565b620003656200035036600462001b34565b60009081526007602052604090206004015490565b604051908152602001620001cb565b6200023c6200038536600462001b34565b6000908152600760205260409020600201546001600160a01b031690565b62000223620003b436600462001bb8565b62000619565b6200023c620003cb36600462001b99565b620006c6565b6200029c620003e236600462001b99565b620006e9565b6200023c620003f936600462001cae565b62000706565b6200023c6200041036600462001b99565b620008d7565b620002236200042736600462001d71565b620008fa565b6200023c6200043e36600462001def565b62000a96565b620002236200045536600462001e4d565b62000c06565b620001ae6200046c36600462001a89565b62000c97565b6000806200048d62000485858562000cb6565b858562000cf9565b915091509250929050565b33620004a362000d2a565b6001600160a01b031614158015620004e2575060033360009081526014602052604090205460ff166003811115620004df57620004df62001e7b565b14155b156200050157604051637b32c26b60e01b815260040160405180910390fd5b600062000520602084018035906200051a908662001e91565b62000cb6565b90506200052f83838362000d58565b505050565b6000620005418262000df3565b92915050565b6000620005418262000e12565b336200055f62000d2a565b6001600160a01b0316141580156200059e575060033360009081526014602052604090205460ff1660038111156200059b576200059b62001e7b565b14155b15620005bd57604051637b32c26b60e01b815260040160405180910390fd5b6000620005d6602085018035906200051a908762001e91565b9050620005f6818484620005f03689900389018962001eaf565b62000e4e565b50505050565b60006200054162000385602084018035906200051a908662001e91565b336200062462000d2a565b6001600160a01b03161415801562000663575060033360009081526014602052604090205460ff16600381111562000660576200066062001e7b565b14155b156200068257604051637b32c26b60e01b815260040160405180910390fd5b6001600160a01b0382166000908152600560209081526040918290208251808401909352805463ffffffff1683526001015490820152620005f68484848462000e4e565b600062000541620006e3602084018035906200051a908662001e91565b62000df3565b6000620005416200027d602084018035906200051a908662001e91565b6000336200071362000d2a565b6001600160a01b03161415801562000752575060033360009081526014602052604090205460ff1660038111156200074f576200074f62001e7b565b14155b156200077157604051637b32c26b60e01b815260040160405180910390fd5b60006200078a60208a018035906200051a908c62001e91565b60045490915060009063ffffffff16620007a860208c018c62001e91565b63ffffffff161490508015620008385760208a013592506001600160a01b03861615801590620007ea5750826001600160a01b0316866001600160a01b031614155b80620007fe57506001600160a01b03851615155b156200081d5760405163022d833560e01b815260040160405180910390fd5b6200083260018a60008660008f8a89620010cc565b620008ca565b6000828152600760205260409020546001600160a01b0316151580620008755750600082815260076020526040902054600160a01b900460ff1615155b15620008945760405163ae154e0360e01b815260040160405180910390fd5b620008b460208b01803590620008ab908d62001e91565b8b8b8b620016af565b9250620008ca60008a8886898f600089620010cc565b5050979650505050505050565b600062000541620008f4602084018035906200051a908662001e91565b62000e12565b336200090562000d2a565b6001600160a01b03161415801562000944575060033360009081526014602052604090205460ff16600381111562000941576200094162001e7b565b14155b156200096357604051637b32c26b60e01b815260040160405180910390fd5b60006200097c602085018035906200051a908762001e91565b905060006200098b8262001737565b546001600160a01b0316905080620009b657604051639db40a2560e01b815260040160405180910390fd5b620009c5602086018662001e91565b60045463ffffffff918216911603620009f157604051630e5a87cb60e21b815260040160405180910390fd5b600082815260076020526040902060020154600160a01b900460ff1662000a2b57604051634d665d9960e01b815260040160405180910390fd5b604051635bd8487760e11b81526001600160a01b0382169063b7b090ee9062000a5b908790879060040162001f54565b600060405180830381600087803b15801562000a7657600080fd5b505af115801562000a8b573d6000803e3d6000fd5b505050505050505050565b60003362000aa362000d2a565b6001600160a01b03161415801562000ae2575060033360009081526014602052604090205460ff16600381111562000adf5762000adf62001e7b565b14155b1562000b0157604051637b32c26b60e01b815260040160405180910390fd5b6001600160a01b03841662000b2957604051631363580360e21b815260040160405180910390fd5b60045463ffffffff1662000b41602087018762001e91565b63ffffffff160362000b665760405163333de67d60e21b815260040160405180910390fd5b600062000b7f602087018035906200051a908962001e91565b905062000bf96000866001600160a01b031663313ce5676040518163ffffffff1660e01b8152600401602060405180830381865afa15801562000bc6573d6000803e3d6000fd5b505050506040513d601f19601f8201168201806040525081019062000bec919062001f86565b8688878b600088620010cc565b849150505b949350505050565b3362000c1162000d2a565b6001600160a01b03161415801562000c50575060033360009081526014602052604090205460ff16600381111562000c4d5762000c4d62001e7b565b14155b1562000c6f57604051637b32c26b60e01b815260040160405180910390fd5b600062000c88602084018035906200051a908662001e91565b90506200052f83838362001780565b60408051808201909152600080825260208201526200054182620018be565b6000828260405160200162000cdb92919091825263ffffffff16602082015260400190565b60405160208183030381529060405280519060200120905092915050565b600080600062000d0d8686866000620018df565b9050600062000d1c8762000e12565b919791965090945050505050565b7fc8fcad8db84d3cc18b4c41d551ea0ee66dd599cde068d998e57d5e09332c1320546001600160a01b031690565b600081815260076020908152604090912060020180546001600160a01b0319166001600160a01b03851617905562000d939084018462001e91565b63ffffffff168360200135827f16285b1cf634d546d51fefe55f6e63e5edf970d2a3d2bd50b55a8cfad25e8b56853360405162000de69291906001600160a01b0392831681529116602082015260400190565b60405180910390a4505050565b60008062000e018362001737565b546001600160a01b03169392505050565b60008062000e208362001737565b600101546001600160a01b03169050806200054157604051630558a50760e31b815260040160405180910390fd5b60008481526007602052604090206002810154600160a01b900460ff1662000e8957604051631c999e7d60e11b815260040160405180910390fd5b60018101546001600160a01b03858116911614158062000eb6575080546001600160a01b03848116911614155b1562000ed5576040516318707fc960e31b815260040160405180910390fd5b815160045463ffffffff908116911614801562000f9257600062000efa846020015190565b6040516370a0823160e01b81523060048201529091506000906001600160a01b038316906370a0823190602401602060405180830381865afa15801562000f45573d6000803e3d6000fd5b505050506040513d601f19601f8201168201806040525081019062000f6b919062001fa6565b111562000f8b5760405163454732f160e11b815260040160405180910390fd5b5062001019565b6000846001600160a01b03166318160ddd6040518163ffffffff1660e01b8152600401602060405180830381865afa15801562000fd3573d6000803e3d6000fd5b505050506040513d601f19601f8201168201806040525081019062000ff9919062001fa6565b1115620010195760405163454732f160e11b815260040160405180910390fd5b6000868152600760209081526040808320600180820180546001600160a81b0319908116909155600283018054909116905560039091018490556001600160a01b03888116855260068452828520805463ffffffff199081168255908301869055908a16855260058452828520805490911681550192909255905133815287917f9d181adb70e733f5235f839c1eed929407ea8526e41d01f49b9fef703e78dddf910160405180910390a2505050505050565b620010db602084018462001e91565b63ffffffff161580620010f057506020830135155b156200110f576040516375ba0d7960e11b815260040160405180910390fd5b6001600160a01b038616156000816200112957876200112b565b865b905060006200113e602087018762001e91565b60045460008681526007602052604090206002015463ffffffff92831692909116919091149150600160a01b900460ff16156200118e5760405163bfa2bf9b60e01b815260040160405180910390fd5b80620013f3576040516370a0823160e01b815230600482015288906000906001600160a01b038316906370a0823190602401602060405180830381865afa158015620011de573d6000803e3d6000fd5b505050506040513d601f19601f8201168201806040525081019062001204919062001fa6565b6040516340c10f1960e01b8152306004820152600160248201529091506001600160a01b038316906340c10f1990604401600060405180830381600087803b1580156200125057600080fd5b505af115801562001265573d6000803e3d6000fd5b5050505080600162001278919062001fc0565b6040516370a0823160e01b81523060048201526001600160a01b038416906370a0823190602401602060405180830381865afa158015620012bd573d6000803e3d6000fd5b505050506040513d601f19601f82011682018060405250810190620012e3919062001fa6565b14620013025760405163016dd8ed60e71b815260040160405180910390fd5b604051632770a7eb60e21b8152306004820152600160248201526001600160a01b03831690639dc29fac90604401600060405180830381600087803b1580156200134b57600080fd5b505af115801562001360573d6000803e3d6000fd5b50506040516370a0823160e01b81523060048201528392506001600160a01b03851691506370a0823190602401602060405180830381865afa158015620013ab573d6000803e3d6000fd5b505050506040513d601f19601f82011682018060405250810190620013d1919062001fa6565b14620013f05760405163ad6f16e360e01b815260040160405180910390fd5b50505b6040518061010001604052808c6200140c57896200140f565b60005b6001600160a01b031681526020018b60ff168152602001836001600160a01b0316815260200184620014a657836001600160a01b031663313ce5676040518163ffffffff1660e01b8152600401602060405180830381865afa1580156200147a573d6000803e3d6000fd5b505050506040513d601f19601f82011682018060405250810190620014a0919062001f86565b620014a8565b8b5b60ff90811682526000602080840182905260016040808601829052606080870185905260809687018590528b8552600784529381902087518154898601518816600160a01b9081026001600160a81b03199283166001600160a01b0394851617178455938a01519483018054978b0151909816840296811694821694909417959095179095559486015160028501805460a089015115159097029690921693169290921793909317905560c0830151600382015560e090920151600490920191909155620015799087018762001e91565b6001600160a01b0383166000908152600560209081526040909120805463ffffffff191663ffffffff939093169290921782558701356001909101558a6200161957620015ca602087018762001e91565b6001600160a01b0389166000908152600660209081526040909120805463ffffffff191663ffffffff939093169290921782558701356001909101556200161386888662000d58565b6200162d565b84156200162d576200162d86868662001780565b6200163c602087018762001e91565b63ffffffff168660200135857f0c58c78506e2d526f5ccdba28119c9ca3b5ce48e1462e0e19bc39232db11c632858c336040516200169a939291906001600160a01b0393841681529183166020830152909116604082015260600190565b60405180910390a45050505050505050505050565b6000838383604051620016c29062001a5e565b620016d09392919062001fe2565b604051809103906000f080158015620016ed573d6000803e3d6000fd5b509050806001600160a01b0316868663ffffffff167f84d5e3618bf276f3d29a931646fdd996b398a3efa3cf6bceefc1fe7f0304059f60405160405180910390a495945050505050565b6000818152600760205260408120600180820154839291600160a01b90910460ff161015620017795760405163618cca3f60e11b815260040160405180910390fd5b9392505050565b6200178f602084018462001e91565b60045463ffffffff908116911614620017bb5760405163a56029bd60e01b815260040160405180910390fd5b600081815260076020526040902060030182905581156200185f57600060208401356040516370a0823160e01b81523060048201529091506001600160a01b038216906370a0823190602401602060405180830381865afa15801562001825573d6000803e3d6000fd5b505050506040513d601f19601f820116820180604052508101906200184b919062001fa6565b600083815260076020526040902060040155505b6200186e602084018462001e91565b63ffffffff168360200135827f8976b61819dcee01042166c2c5612babc4f820a30843a7f8b23c0ddc343f6ef4853360405162000de69291909182526001600160a01b0316602082015260400190565b6040805180820190915260008082526020820152620005418260006200191d565b600481015460009063ffffffff908116908416036200190057508262000bfe565b6200190b8562001737565b546001600160a01b0316905062000bfe565b604080518082019091526000808252602082015260408051808201909152600080825260208201526001600160a01b0384166200195c57905062000541565b506001600160a01b03831660009081526005830160209081526040918290208251808401909352805463ffffffff168084526001909101549183019190915215620019a957905062000541565b620019b5848462001a1d565b15620019dd57600483015463ffffffff1681526001600160a01b038416602082015262001779565b506001600160a01b03831660009081526006830160209081526040918290208251808401909352805463ffffffff16835260010154908201529392505050565b6001600160a01b038216600090815260068201602052604081205463ffffffff161562001a4d5750600062000541565b50506001600160a01b03163b151590565b6119d9806200201f83390190565b80356001600160a01b038116811462001a8457600080fd5b919050565b60006020828403121562001a9c57600080fd5b620017798262001a6c565b803563ffffffff8116811462001a8457600080fd5b6000806040838503121562001ad057600080fd5b8235915062001ae26020840162001aa7565b90509250929050565b60006040828403121562001afe57600080fd5b50919050565b6000806060838503121562001b1857600080fd5b62001b24848462001aeb565b915062001ae26040840162001a6c565b60006020828403121562001b4757600080fd5b5035919050565b60008060006080848603121562001b6457600080fd5b62001b70858562001aeb565b925062001b806040850162001a6c565b915062001b906060850162001a6c565b90509250925092565b60006040828403121562001bac57600080fd5b62001779838362001aeb565b60008060006060848603121562001bce57600080fd5b8335925062001be06020850162001a6c565b915062001b906040850162001a6c565b60ff8116811462001c0057600080fd5b50565b634e487b7160e01b600052604160045260246000fd5b600082601f83011262001c2b57600080fd5b813567ffffffffffffffff8082111562001c495762001c4962001c03565b604051601f8301601f19908116603f0116810190828211818310171562001c745762001c7462001c03565b8160405283815286602085880101111562001c8e57600080fd5b836020870160208301376000602085830101528094505050505092915050565b6000806000806000806000610100888a03121562001ccb57600080fd5b62001cd7898962001aeb565b9650604088013562001ce98162001bf0565b9550606088013567ffffffffffffffff8082111562001d0757600080fd5b62001d158b838c0162001c19565b965060808a013591508082111562001d2c57600080fd5b5062001d3b8a828b0162001c19565b94505062001d4c60a0890162001a6c565b925062001d5c60c0890162001a6c565b915060e0880135905092959891949750929550565b60008060006080848603121562001d8757600080fd5b62001d93858562001aeb565b9250604084013567ffffffffffffffff8082111562001db157600080fd5b62001dbf8783880162001c19565b9350606086013591508082111562001dd657600080fd5b5062001de58682870162001c19565b9150509250925092565b60008060008060a0858703121562001e0657600080fd5b62001e12868662001aeb565b935062001e226040860162001a6c565b925062001e326060860162001a6c565b915062001e426080860162001a6c565b905092959194509250565b6000806060838503121562001e6157600080fd5b62001e6d848462001aeb565b946040939093013593505050565b634e487b7160e01b600052602160045260246000fd5b60006020828403121562001ea457600080fd5b620017798262001aa7565b60006040828403121562001ec257600080fd5b6040516040810181811067ffffffffffffffff8211171562001ee85762001ee862001c03565b60405262001ef68362001aa7565b8152602083013560208201528091505092915050565b6000815180845260005b8181101562001f345760208185018101518683018201520162001f16565b506000602082860101526020601f19601f83011685010191505092915050565b60408152600062001f69604083018562001f0c565b828103602084015262001f7d818562001f0c565b95945050505050565b60006020828403121562001f9957600080fd5b8151620017798162001bf0565b60006020828403121562001fb957600080fd5b5051919050565b808201808211156200054157634e487b7160e01b600052601160045260246000fd5b60ff8416815260606020820152600062002000606083018562001f0c565b828103604084015262002014818562001f0c565b969550505050505056fe60e06040523480156200001157600080fd5b50604051620019d9380380620019d9833981016040819052620000349162000245565b828282604051806040016040528060018152602001603160f81b8152506200006b620000656200012c60201b60201c565b62000130565b600462000079848262000358565b50600562000088838262000358565b506006805460ff191660ff9590951694909417909355508051602091820120825192820192909220600983905560c0818152466080818152604080517f8b73c3c69bb8fe3d512ecc4cf759cc79239f7b179b0ffacaa9a75d522b39400f818801528082019790975260608701949094528501523060a08086018290528351808703820181529590920190925283519390920192909220600855525062000424915050565b3390565b600080546001600160a01b038381166001600160a01b0319831681178455604051919092169283917f8be0079c531659141344cd1fd0a4f28419497f9722a3daafe3b4186f6b6457e09190a35050565b634e487b7160e01b600052604160045260246000fd5b600082601f830112620001a857600080fd5b81516001600160401b0380821115620001c557620001c562000180565b604051601f8301601f19908116603f01168101908282118183101715620001f057620001f062000180565b816040528381526020925086838588010111156200020d57600080fd5b600091505b8382101562000231578582018301518183018401529082019062000212565b600093810190920192909252949350505050565b6000806000606084860312156200025b57600080fd5b835160ff811681146200026d57600080fd5b60208501519093506001600160401b03808211156200028b57600080fd5b620002998783880162000196565b93506040860151915080821115620002b057600080fd5b50620002bf8682870162000196565b9150509250925092565b600181811c90821680620002de57607f821691505b602082108103620002ff57634e487b7160e01b600052602260045260246000fd5b50919050565b601f8211156200035357600081815260208120601f850160051c810160208610156200032e5750805b601f850160051c820191505b818110156200034f578281556001016200033a565b5050505b505050565b81516001600160401b0381111562000374576200037462000180565b6200038c81620003858454620002c9565b8462000305565b602080601f831160018114620003c45760008415620003ab5750858301515b600019600386901b1c1916600185901b1785556200034f565b600085815260208120601f198616915b82811015620003f557888601518255948401946001909101908401620003d4565b5085821015620004145787850151600019600388901b60f8161c191681555b5050505050600190811b01905550565b60805160a05160c05161157e6200045b600039600081816105400152610ba601526000610b2501526000610b4f015261157e6000f3fe608060405234801561001057600080fd5b506004361061012c5760003560e01c80637ecebe00116100ad578063a9059cbb11610071578063a9059cbb14610269578063b7b090ee1461027c578063d505accf1461028f578063dd62ed3e146102a2578063f2fde38b146102b557600080fd5b80637ecebe001461020d5780638da5cb5b1461022057806395d89b411461023b5780639dc29fac14610243578063a457c2d71461025657600080fd5b80633644e515116100f45780633644e515146101ac57806339509351146101b457806340c10f19146101c757806370a08231146101dc578063715018a61461020557600080fd5b806306fdde0314610131578063095ea7b31461014f57806318160ddd1461017257806323b872dd14610184578063313ce56714610197575b600080fd5b6101396102c8565b604051610146919061115b565b60405180910390f35b61016261015d3660046111c5565b61035a565b6040519015158152602001610146565b6003545b604051908152602001610146565b6101626101923660046111ef565b610371565b60065460405160ff9091168152602001610146565b610176610393565b6101626101c23660046111c5565b6103a2565b6101da6101d53660046111c5565b6103de565b005b6101766101ea36600461122b565b6001600160a01b031660009081526001602052604090205490565b6101da6103f4565b61017661021b36600461122b565b610408565b6000546040516001600160a01b039091168152602001610146565b610139610426565b6101da6102513660046111c5565b610435565b6101626102643660046111c5565b610447565b6101626102773660046111c5565b6104c6565b6101da61028a366004611296565b6104d3565b6101da61029d366004611302565b6105c6565b6101766102b0366004611375565b61072a565b6101da6102c336600461122b565b610755565b6060600480546102d7906113a8565b80601f0160208091040260200160405190810160405280929190818152602001828054610303906113a8565b80156103505780601f1061032557610100808354040283529160200191610350565b820191906000526020600020905b81548152906001019060200180831161033357829003601f168201915b5050505050905090565b60006103673384846107ce565b5060015b92915050565b600061037e8433846108f3565b61038984848461096d565b5060019392505050565b600061039d610b18565b905090565b3360008181526002602090815260408083206001600160a01b038716845290915281205490916103679185906103d99086906113dc565b6107ce565b6103e6610bca565b6103f08282610c24565b5050565b6103fc610bca565b6104066000610ce5565b565b6001600160a01b03811660009081526007602052604081205461036b565b6060600580546102d7906113a8565b61043d610bca565b6103f08282610d35565b600080610454338561072a565b9050828110156104b95760405162461bcd60e51b815260206004820152602560248201527f45524332303a2064656372656173656420616c6c6f77616e63652062656c6f77604482015264207a65726f60d81b60648201526084015b60405180910390fd5b61038933858584036107ce565b600061036733848461096d565b6104db610bca565b60046104e8848683611461565b5060056104f6828483611461565b5060008484604051610509929190611522565b604051908190039020600981905590506105647f8b73c3c69bb8fe3d512ecc4cf759cc79239f7b179b0ffacaa9a75d522b39400f827f0000000000000000000000000000000000000000000000000000000000000000610e66565b6008556040516105779084908490611522565b6040518091039020858560405161058f929190611522565b604051908190038120907f1ec4c73af923253fb2c28a509dd78d342709289a09929d78c64c0b8e047efbcd90600090a35050505050565b834211156106165760405162461bcd60e51b815260206004820152601d60248201527f45524332305065726d69743a206578706972656420646561646c696e6500000060448201526064016104b0565b60007f6e71edae12b1b97f4d1f60370fef10105fa2faae0126114a169c64845d6126c98888886106458c610eaf565b6040805160208101969096526001600160a01b0394851690860152929091166060840152608083015260a082015260c0810186905260e00160405160208183030381529060405280519060200120905060006106a082610ed7565b905060006106b082878787610f25565b9050896001600160a01b0316816001600160a01b0316146107135760405162461bcd60e51b815260206004820152601e60248201527f45524332305065726d69743a20696e76616c6964207369676e6174757265000060448201526064016104b0565b61071e8a8a8a6107ce565b50505050505050505050565b6001600160a01b03918216600090815260026020908152604080832093909416825291909152205490565b61075d610bca565b6001600160a01b0381166107c25760405162461bcd60e51b815260206004820152602660248201527f4f776e61626c653a206e6577206f776e657220697320746865207a65726f206160448201526564647265737360d01b60648201526084016104b0565b6107cb81610ce5565b50565b6001600160a01b0383166108305760405162461bcd60e51b8152602060048201526024808201527f45524332303a20617070726f76652066726f6d20746865207a65726f206164646044820152637265737360e01b60648201526084016104b0565b6001600160a01b0382166108915760405162461bcd60e51b815260206004820152602260248201527f45524332303a20617070726f766520746f20746865207a65726f206164647265604482015261737360f01b60648201526084016104b0565b6001600160a01b0383811660008181526002602090815260408083209487168084529482529182902085905590518481527f8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b92591015b60405180910390a3505050565b60006108ff848461072a565b90506000198114610967578181101561095a5760405162461bcd60e51b815260206004820152601d60248201527f45524332303a20696e73756666696369656e7420616c6c6f77616e636500000060448201526064016104b0565b61096784848484036107ce565b50505050565b6001600160a01b0383166109d15760405162461bcd60e51b815260206004820152602560248201527f45524332303a207472616e736665722066726f6d20746865207a65726f206164604482015264647265737360d81b60648201526084016104b0565b6001600160a01b038216610a335760405162461bcd60e51b815260206004820152602360248201527f45524332303a207472616e7366657220746f20746865207a65726f206164647260448201526265737360e81b60648201526084016104b0565b6001600160a01b03831660009081526001602052604090205481811015610aab5760405162461bcd60e51b815260206004820152602660248201527f45524332303a207472616e7366657220616d6f756e7420657863656564732062604482015265616c616e636560d01b60648201526084016104b0565b6001600160a01b0380851660008181526001602052604080822086860390559286168082529083902080548601905591517fddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef90610b0b9086815260200190565b60405180910390a3610967565b6000306001600160a01b037f000000000000000000000000000000000000000000000000000000000000000016148015610b7157507f000000000000000000000000000000000000000000000000000000000000000046145b15610b7d575060085490565b61039d7f8b73c3c69bb8fe3d512ecc4cf759cc79239f7b179b0ffacaa9a75d522b39400f6009547f0000000000000000000000000000000000000000000000000000000000000000610e66565b6000546001600160a01b031633146104065760405162461bcd60e51b815260206004820181905260248201527f4f776e61626c653a2063616c6c6572206973206e6f7420746865206f776e657260448201526064016104b0565b6001600160a01b038216610c7a5760405162461bcd60e51b815260206004820152601f60248201527f45524332303a206d696e7420746f20746865207a65726f20616464726573730060448201526064016104b0565b8060036000828254610c8c91906113dc565b90915550506001600160a01b0382166000818152600160209081526040808320805486019055518481527fddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef910160405180910390a35050565b600080546001600160a01b038381166001600160a01b0319831681178455604051919092169283917f8be0079c531659141344cd1fd0a4f28419497f9722a3daafe3b4186f6b6457e09190a35050565b6001600160a01b038216610d955760405162461bcd60e51b815260206004820152602160248201527f45524332303a206275726e2066726f6d20746865207a65726f206164647265736044820152607360f81b60648201526084016104b0565b6001600160a01b03821660009081526001602052604090205481811015610e095760405162461bcd60e51b815260206004820152602260248201527f45524332303a206275726e20616d6f756e7420657863656564732062616c616e604482015261636560f01b60648201526084016104b0565b6001600160a01b03831660008181526001602090815260408083208686039055600380548790039055518581529192917fddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef91016108e6565b505050565b6040805160208101859052908101839052606081018290524660808201523060a082015260009060c0016040516020818303038152906040528051906020012090509392505050565b6001600160a01b03811660009081526007602052604090208054600181018255905b50919050565b600061036b610ee4610b18565b8360405161190160f01b6020820152602281018390526042810182905260009060620160405160208183030381529060405280519060200120905092915050565b6000806000610f3687878787610f4d565b91509150610f4381611011565b5095945050505050565b6000807f7fffffffffffffffffffffffffffffff5d576e7357a4501ddfe92f46681b20a0831115610f845750600090506003611008565b6040805160008082526020820180845289905260ff881692820192909252606081018690526080810185905260019060a0016020604051602081039080840390855afa158015610fd8573d6000803e3d6000fd5b5050604051601f1901519150506001600160a01b03811661100157600060019250925050611008565b9150600090505b94509492505050565b600081600481111561102557611025611532565b0361102d5750565b600181600481111561104157611041611532565b0361108e5760405162461bcd60e51b815260206004820152601860248201527f45434453413a20696e76616c6964207369676e6174757265000000000000000060448201526064016104b0565b60028160048111156110a2576110a2611532565b036110ef5760405162461bcd60e51b815260206004820152601f60248201527f45434453413a20696e76616c6964207369676e6174757265206c656e6774680060448201526064016104b0565b600381600481111561110357611103611532565b036107cb5760405162461bcd60e51b815260206004820152602260248201527f45434453413a20696e76616c6964207369676e6174757265202773272076616c604482015261756560f01b60648201526084016104b0565b600060208083528351808285015260005b818110156111885785810183015185820160400152820161116c565b506000604082860101526040601f19601f8301168501019250505092915050565b80356001600160a01b03811681146111c057600080fd5b919050565b600080604083850312156111d857600080fd5b6111e1836111a9565b946020939093013593505050565b60008060006060848603121561120457600080fd5b61120d846111a9565b925061121b602085016111a9565b9150604084013590509250925092565b60006020828403121561123d57600080fd5b611246826111a9565b9392505050565b60008083601f84011261125f57600080fd5b50813567ffffffffffffffff81111561127757600080fd5b60208301915083602082850101111561128f57600080fd5b9250929050565b600080600080604085870312156112ac57600080fd5b843567ffffffffffffffff808211156112c457600080fd5b6112d08883890161124d565b909650945060208701359150808211156112e957600080fd5b506112f68782880161124d565b95989497509550505050565b600080600080600080600060e0888a03121561131d57600080fd5b611326886111a9565b9650611334602089016111a9565b95506040880135945060608801359350608088013560ff8116811461135857600080fd5b9699959850939692959460a0840135945060c09093013592915050565b6000806040838503121561138857600080fd5b611391836111a9565b915061139f602084016111a9565b90509250929050565b600181811c908216806113bc57607f821691505b602082108103610ed157634e487b7160e01b600052602260045260246000fd5b8082018082111561036b57634e487b7160e01b600052601160045260246000fd5b634e487b7160e01b600052604160045260246000fd5b601f821115610e6157600081815260208120601f850160051c8101602086101561143a5750805b601f850160051c820191505b8181101561145957828155600101611446565b505050505050565b67ffffffffffffffff831115611479576114796113fd565b61148d8361148783546113a8565b83611413565b6000601f8411600181146114c157600085156114a95750838201355b600019600387901b1c1916600186901b17835561151b565b600083815260209020601f19861690835b828110156114f257868501358255602094850194600190920191016114d2565b508682101561150f5760001960f88860031b161c19848701351681555b505060018560011b0183555b5050505050565b8183823760009101908152919050565b634e487b7160e01b600052602160045260246000fdfea26469706673582212208113c928e03165e19b5c7ac5b67b85c32ab586cd042677306fbd142d27afccf664736f6c63430008110033a2646970667358221220300cc646d0359b86871a6e263ab844429c60311081ebea2afdd51b016410d91c64736f6c63430008110033
| Age | Block | Fee Address | BC Fee Address | Voting Power | Jailed | Incoming |
|---|